Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-21 | CVE-2021-43587 | Use of Hard-coded Cryptographic Key vulnerability in Dell Powerpath Management Appliance Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. | 6.7 |
| 2021-11-30 | CVE-2021-36326 | Algorithm Downgrade vulnerability in Dell EMC Streaming Data Platform Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface (UI). | 6.5 |
| 2021-11-30 | CVE-2021-36327 | Server-Side Request Forgery (SSRF) vulnerability in Dell EMC Streaming Data Platform Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery Vulnerability. | 5.3 |
| 2021-11-30 | CVE-2021-36329 | Authorization Bypass Through User-Controlled Key vulnerability in Dell EMC Streaming Data Platform Dell EMC Streaming Data Platform versions before 1.3 contain an Indirect Object Reference Vulnerability. | 6.5 |
| 2021-11-23 | CVE-2021-21561 | Information Exposure Through Log Files vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS version 8.1.2 contains a sensitive information exposure vulnerability. | 5.5 |
| 2021-11-23 | CVE-2021-36332 | Open Redirect vulnerability in Dell EMC Cloud Link Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. | 5.4 |
| 2021-11-23 | CVE-2021-36333 | Classic Buffer Overflow vulnerability in Dell EMC Cloud Link Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. | 5.5 |
| 2021-11-23 | CVE-2021-36334 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Dell EMC Cloud Link Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. | 6.8 |
| 2021-11-20 | CVE-2021-36310 | Resource Exhaustion vulnerability in Dell Networking Os10 Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. | 4.9 |
| 2021-11-20 | CVE-2021-36322 | Injection vulnerability in Dell products Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. | 6.1 |