Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2021-07-28 CVE-2020-26180 Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account.
network
low complexity
dell CWE-276
8.8
8.8
2021-07-28 CVE-2020-5351 Unspecified vulnerability in Dell EMC Data Protection Advisor 18.1/6.4/6.5
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password.
network
low complexity
dell
7.5
7.5
2021-07-22 CVE-2020-5316 Uncontrolled Search Path Element vulnerability in Dell products
Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability.
local
low complexity
dell CWE-427
7.8
7.8
2021-07-19 CVE-2020-5315 Insufficiently Protected Credentials vulnerability in Dell EMC Repository Manager
Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability.
local
low complexity
dell CWE-522
8.8
8.8
2021-07-19 CVE-2020-5320 SQL Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability.
network
low complexity
dell CWE-89
7.2
7.2
2021-07-19 CVE-2020-5321 Improper Input Validation vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability.
network
low complexity
dell CWE-20
7.6
7.6
2021-07-19 CVE-2020-5323 Injection vulnerability in Dell products
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability.
network
low complexity
dell CWE-74
8.1
8.1
2021-07-16 CVE-2019-3752 XXE vulnerability in Dell products
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4.
network
low complexity
dell CWE-611
8.2
8.2
2021-06-24 CVE-2021-21572 Out-of-bounds Write vulnerability in Dell products
Dell BIOSConnect feature contains a buffer overflow vulnerability.
local
high complexity
dell CWE-787
7.5
7.5
2021-06-24 CVE-2021-21573 Out-of-bounds Write vulnerability in Dell products
Dell BIOSConnect feature contains a buffer overflow vulnerability.
local
high complexity
dell CWE-787
7.5
7.5