Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-07 | CVE-2019-3704 | OS Command Injection vulnerability in Dell EMC Vnx2 Firmware VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. | 7.8 |
| 2019-02-04 | CVE-2018-15778 | Improper Input Validation vulnerability in Dell Networking Os10 10.3.2R2/10.4.0R3S/10.4.1.4 Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI). | 7.8 |
| 2019-01-18 | CVE-2018-15784 | Improper Certificate Validation vulnerability in Dell Networking Os10 Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. | 7.4 |
| 2018-12-13 | CVE-2018-15774 | Incorrect Authorization vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. | 8.8 |
| 2018-11-30 | CVE-2018-15767 | Incorrect Authorization vulnerability in Dell Openmanage Network Manager 6.5.0/6.5.2 The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file. | 8.8 |
| 2018-11-16 | CVE-2018-15769 | RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. | 7.5 |
| 2018-11-13 | CVE-2018-15772 | Resource Exhaustion vulnerability in Dell products Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. | 7.1 |
| 2018-11-02 | CVE-2018-11062 | Use of Hard-coded Credentials vulnerability in Dell EMC Integrated Data Protection Appliance 2.0/2.1/2.2 Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. | 8.8 |
| 2018-10-11 | CVE-2018-15766 | Weak Password Requirements vulnerability in Dell Encryption and Endpoint Security Suite Enterprise On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise versions prior 2.0.1 will overwrite and manually set the "Minimum Password Length" group policy object to a value of 1 on that device. | 7.5 |
| 2018-10-05 | CVE-2018-11064 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell products Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. | 7.8 |