Vulnerabilities > Dell > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-30 CVE-2015-0949 Improper Privilege Management vulnerability in multiple products
The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver.
local
low complexity
dell hp CWE-269
7.8
2019-12-18 CVE-2019-18573 Session Fixation vulnerability in Dell RSA Identity Governance and Lifecycle
The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to 7.1.1 P03 contain a Session Fixation vulnerability.
network
low complexity
dell CWE-384
8.8
2019-12-06 CVE-2019-18575 Uncontrolled Search Path Element vulnerability in Dell Command|Configure
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability.
local
low complexity
dell CWE-427
7.1
2019-10-14 CVE-2019-3767 Cleartext Storage of Sensitive Information vulnerability in Dell Imageassist
Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability.
local
low complexity
dell CWE-312
8.2
2019-10-09 CVE-2019-3765 Incorrect Permission Assignment for Critical Resource vulnerability in Dell products
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability.
network
low complexity
dell CWE-732
8.1
2019-10-07 CVE-2019-3745 Untrusted Search Path vulnerability in Dell Encryption and Endpoint Security Suite Enterprise
The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0.
local
low complexity
dell CWE-426
7.3
2019-09-30 CVE-2019-3732 Information Exposure Through Discrepancy vulnerability in multiple products
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x), versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x), are vulnerable to an Information Exposure Through Timing Discrepancy.
network
low complexity
emc dell CWE-203
7.5
2019-09-30 CVE-2019-3731 Information Exposure Through Discrepancy vulnerability in Dell products
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy.
network
low complexity
dell CWE-203
7.5
2019-09-30 CVE-2019-3730 Information Exposure Through an Error Message vulnerability in Dell Bsafe Micro-Edition-Suite
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x) are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”.
network
low complexity
dell CWE-209
7.5
2019-09-30 CVE-2019-3728 Out-of-bounds Read vulnerability in Dell products
RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing a DSA signature.
network
low complexity
dell CWE-125
7.5