Vulnerabilities > Dell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-13 | CVE-2018-15774 | Incorrect Authorization vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. | 8.8 |
| 2018-11-30 | CVE-2018-15767 | Incorrect Authorization vulnerability in Dell Openmanage Network Manager 6.5.0/6.5.2 The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file. | 8.8 |
| 2018-11-16 | CVE-2018-15769 | RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. | 7.5 |
| 2018-11-13 | CVE-2018-15772 | Resource Exhaustion vulnerability in Dell products Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. | 7.1 |
| 2018-11-02 | CVE-2018-11062 | Use of Hard-coded Credentials vulnerability in Dell EMC Integrated Data Protection Appliance 2.0/2.1/2.2 Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. | 8.8 |
| 2018-10-11 | CVE-2018-15766 | Weak Password Requirements vulnerability in Dell Encryption and Endpoint Security Suite Enterprise On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise versions prior 2.0.1 will overwrite and manually set the "Minimum Password Length" group policy object to a value of 1 on that device. | 7.5 |
| 2018-10-05 | CVE-2018-11064 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell products Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. | 7.8 |
| 2018-10-02 | CVE-2018-11072 | Uncontrolled Search Path Element vulnerability in Dell Digital Delivery Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. | 7.8 |
| 2018-09-28 | CVE-2018-1251 | Open Redirect vulnerability in Dell EMC Unity Firmware and EMC Unityvsa Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. | 8.1 |
| 2018-09-11 | CVE-2018-11078 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Vplex Geosynchrony 5.4/5.5/6.0 Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. | 7.5 |