Vulnerabilities > Dell > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-03-26 CVE-2018-1187 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6 is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
2018-03-26 CVE-2018-1186 Cross-site Scripting vulnerability in Dell EMC Isilon
Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface.
network
low complexity
dell CWE-79
4.8
2018-03-16 CVE-2017-14384 Path Traversal vulnerability in Dell Storage Manager
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability.
network
low complexity
dell CWE-22
6.5
2018-02-03 CVE-2018-1185 OS Command Injection vulnerability in Dell products
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3.
local
low complexity
dell CWE-78
6.7
2018-02-03 CVE-2018-1184 OS Command Injection vulnerability in Dell products
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3.
local
low complexity
dell CWE-78
6.7
2018-01-04 CVE-2017-14383 Cross-site Scripting vulnerability in Dell EMC Vnx1 Firmware and EMC Vnx2 Firmware
In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability.
network
low complexity
dell CWE-79
6.1
2017-12-07 CVE-2017-14386 Cross-site Scripting vulnerability in Dell 2335Dn Firmware and 2355Dn Firmware
The web user interface of Dell 2335dn and 2355dn Multifunction Laser Printers, firmware versions prior to V2.70.06.26 A13 and V2.70.45.34 A10 respectively, are affected by a cross-site scripting vulnerability.
network
low complexity
dell CWE-79
6.1
2017-05-04 CVE-2017-4983 Unspecified vulnerability in Dell EMC Data Domain OS
EMC Data Domain OS 5.2 through 5.7 before 5.7.3.0 and 6.0 before 6.0.1.0 is affected by a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system.
local
low complexity
dell
6.7
2017-04-10 CVE-2015-7275 Cross-site Scripting vulnerability in Dell Integrated Remote Access Controller Firmware
Dell Integrated Remote Access Controller (iDRAC) 6 before 2.85 and 7/8 before 2.30.30.30 has XSS.
network
low complexity
dell CWE-79
6.1
2017-02-21 CVE-2015-4056 Cryptographic Issues vulnerability in Dell VCE Vision Intelligent Operations 2.5/2.6/2.6.4
The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cryptography, which makes it easier for local users to discover credentials by leveraging administrative access.
local
low complexity
dell CWE-310
6.7