Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-5350 OS Command Injection vulnerability in Dell EMC Integrated Data Protection Appliance
Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component.
network
low complexity
dell CWE-78
7.2
2020-04-10 CVE-2020-5330 Unspecified vulnerability in Dell products
Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability.
network
low complexity
dell
7.5
2020-04-04 CVE-2020-5348 Use After Free vulnerability in Dell Latitude 7202 Firmware
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode.
local
low complexity
dell CWE-416
7.8
2020-04-04 CVE-2020-5347 Resource Exhaustion vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability.
network
low complexity
dell CWE-400
7.5
2020-03-18 CVE-2019-3762 Improper Certificate Validation vulnerability in Dell products
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability.
network
low complexity
dell CWE-295
7.5
2020-03-18 CVE-2019-18582 Code Injection vulnerability in Dell products
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API.
network
low complexity
dell CWE-94
7.2
2020-03-18 CVE-2019-18581 Missing Authorization vulnerability in Dell products
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API.
network
low complexity
dell CWE-862
7.2
2020-03-09 CVE-2020-5342 Incorrect Default Permissions vulnerability in Dell Digital Delivery
Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability.
local
low complexity
dell CWE-276
7.8
2020-02-06 CVE-2020-5319 Improper Validation of Array Index vulnerability in Dell products
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server.
network
low complexity
dell CWE-129
7.5
2020-02-06 CVE-2020-5318 Incorrect Authorization vulnerability in Dell EMC Isilon Onefs
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations.
network
low complexity
dell CWE-863
7.5