Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-28 | CVE-2017-8001 | Information Exposure Through Log Files vulnerability in Dell EMC Scaleio An issue was discovered in EMC ScaleIO 2.0.1.x. | 8.4 |
| 2017-09-22 | CVE-2017-8012 | Unspecified vulnerability in Dell products In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Java Management Extensions (JMX) protocol used to communicate between components in the Alerting and/or Compliance components can be leveraged to create a denial of service (DoS) condition. | 7.4 |
| 2017-09-22 | CVE-2017-8007 | Path Traversal vulnerability in Dell products In EMC ViPR SRM, Storage M&R, VNX M&R, and M&R (Watch4Net) for SAS Solution Packs, the Webservice Gateway is affected by a directory traversal vulnerability. | 8.8 |
| 2017-08-04 | CVE-2017-10949 | Path Traversal vulnerability in Dell Storage Manager 2016 R2.1 Directory Traversal in Dell Storage Manager 2016 R2.1 causes Information Disclosure when the doGet method of the EmWebsiteServlet class doesn't properly validate user provided path before using it in file operations. | 7.5 |
| 2017-06-14 | CVE-2017-4981 | Improper Certificate Validation vulnerability in Dell Bsafe Cert-C 2.7 EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability. | 7.5 |
| 2017-04-10 | CVE-2015-7274 | Permissions, Privileges, and Access Controls vulnerability in Dell Integrated Remote Access Controller Firmware 1.99 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | 8.8 |
| 2017-04-10 | CVE-2015-7270 | Path Traversal vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | 7.8 |
| 2017-02-21 | CVE-2015-4057 | Information Exposure vulnerability in Dell VCE Vision Intelligent Operations 2.5/2.6/2.6.4 The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network. | 7.5 |
| 2017-02-03 | CVE-2016-8212 | Improper Resource Shutdown or Release vulnerability in Dell Bsafe Crypto-J An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. | 7.5 |
| 2017-02-03 | CVE-2016-8211 | Path Traversal vulnerability in Dell EMC Data Protection Advisor EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 7.5 |