Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-30 | CVE-2021-21536 | Information Exposure vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. | 5.5 |
| 2021-04-20 | CVE-2021-21526 | OS Command Injection vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. | 6.7 |
| 2021-04-02 | CVE-2021-21533 | Improper Input Validation vulnerability in Dell Wyse Management Suite Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details | 4.3 |
| 2021-04-02 | CVE-2021-21532 | Improper Input Validation vulnerability in Dell Wyse Thinos 8.6 Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. | 6.3 |
| 2021-04-02 | CVE-2021-21529 | Resource Exhaustion vulnerability in Dell System Update Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. | 5.5 |
| 2021-03-08 | CVE-2021-21510 | Injection vulnerability in Dell Idrac8 Firmware Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. | 6.1 |
| 2021-03-02 | CVE-2021-21514 | Path Traversal vulnerability in Dell Openmanage Server Administrator Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. | 4.9 |
| 2021-03-01 | CVE-2021-21515 | Cross-site Scripting vulnerability in Dell EMC Sourceone 7.2 Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. | 5.4 |
| 2021-02-19 | CVE-2021-21512 | Information Exposure vulnerability in Dell EMC Powerprotect Cyber Recovery 19.7.0.1 Dell EMC PowerProtect Cyber Recovery, version 19.7.0.1, contains an Information Disclosure vulnerability. | 6.0 |
| 2021-02-09 | CVE-2020-26196 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Powerscale Onefs Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue. | 5.5 |