Vulnerabilities > Dell > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-12-25 CVE-2024-52534 Authentication Bypass by Capture-replay vulnerability in Dell Elastic Cloud Storage
Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability.
network
low complexity
dell CWE-294
5.4
2024-12-25 CVE-2024-52543 Exposure of Resource to Wrong Sphere vulnerability in Dell Nativeedge Orchestrator
Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability.
local
low complexity
dell CWE-668
4.4
2024-12-17 CVE-2024-52542 Link Following vulnerability in Dell Appsync
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability.
local
low complexity
dell CWE-59
5.5
2024-12-13 CVE-2024-24902 Unspecified vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability.
local
low complexity
dell
5.5
2024-12-13 CVE-2024-47984 Unspecified vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability.
network
low complexity
dell
6.5
2024-12-13 CVE-2024-48008 OS Command Injection vulnerability in Dell Recoverpoint for Virtual Machines 6.0
Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability.
network
low complexity
dell CWE-78
6.5
2024-12-12 CVE-2024-47238 Unspecified vulnerability in Dell products
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component.
local
low complexity
dell
6.7
2024-12-11 CVE-2024-52537 Link Following vulnerability in Dell products
Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability.
local
low complexity
dell CWE-59
6.7
2024-12-11 CVE-2024-53292 Insufficiently Protected Credentials vulnerability in Dell Vxrail Hyperconverged Infrastructure
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper.
local
low complexity
dell CWE-522
6.7
2024-12-09 CVE-2024-38485 Open Redirect vulnerability in Dell Elastic Cloud Storage
Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability.
network
low complexity
dell CWE-601
4.3