Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2021-01-14 CVE-2020-29494 Path Traversal vulnerability in Dell products
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM.
network
low complexity
dell CWE-22
8.7
2021-01-05 CVE-2020-26181 Unspecified vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster.
local
low complexity
dell
7.8
2021-01-04 CVE-2020-5361 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Dell CPG Bios
Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords.
low complexity
dell CWE-640
7.6
2021-01-04 CVE-2020-29491 Incorrect Default Permissions vulnerability in Dell Wyse Thinos 8.6
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability.
network
low complexity
dell CWE-276
8.6
2020-12-16 CVE-2020-5360 Out-of-bounds Read vulnerability in multiple products
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability.
network
low complexity
dell oracle CWE-125
7.5
2020-09-02 CVE-2020-5386 Exposure of Resource to Wrong Sphere vulnerability in Dell EMC Elastic Cloud Storage 3.4.0.0/3.4.0.1
Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability.
network
low complexity
dell CWE-668
7.5
2020-09-02 CVE-2020-5369 Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs
Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability.
network
low complexity
dell CWE-732
8.8
2020-08-18 CVE-2020-5385 Incorrect Permission Assignment for Critical Resource vulnerability in Dell Encryption and Endpoint Security Suite Enterprise
Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358.
local
low complexity
dell CWE-732
7.8
2020-07-14 CVE-2020-5374 Use of Hard-coded Credentials vulnerability in Dell EMC Omimssc for Sccm and EMC Omimssc for Scvmm
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability.
network
low complexity
dell CWE-798
7.5
2020-07-14 CVE-2020-5373 Missing Authentication for Critical Function vulnerability in Dell EMC Omimssc for Sccm and EMC Omimssc for Scvmm
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability.
network
low complexity
dell CWE-306
7.5