Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-21 | CVE-2015-4057 | Information Exposure vulnerability in Dell VCE Vision Intelligent Operations 2.5/2.6/2.6.4 The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext HTTP response upon a request for the Settings screen, which allows remote attackers to discover the admin user password by sniffing the network. | 5.0 |
| 2017-02-03 | CVE-2016-8217 | Information Exposure vulnerability in Dell Bsafe Crypto-J EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. | 4.3 |
| 2017-02-03 | CVE-2016-8212 | Improper Resource Shutdown or Release vulnerability in Dell Bsafe Crypto-J An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. | 5.0 |
| 2017-02-03 | CVE-2016-8211 | Path Traversal vulnerability in Dell EMC Data Protection Advisor EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 5.0 |
| 2016-09-18 | CVE-2016-0923 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used. | 5.0 |
| 2016-04-12 | CVE-2016-4004 | Path Traversal vulnerability in Dell Openmanage Server Administrator 8.2 Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile. | 4.0 |
| 2016-02-08 | CVE-2016-2268 | Cryptographic Issues vulnerability in Dell Secureworks 2.0.6 Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.8 |
| 2015-11-06 | CVE-2015-7770 | Improper Input Validation vulnerability in Dell Sonicwall Totalsecure TZ 100 Firmware Dell SonicWall TotalSecure TZ 100 devices with firmware before 5.9.1.0-22o allow remote attackers to cause a denial of service via a crafted packet. | 5.0 |
| 2015-08-20 | CVE-2015-0536 | Unspecified vulnerability in Dell Bsafe and Bsafe Ssl-C EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero, a similar issue to CVE-2015-1787. network dell | 4.3 |
| 2015-08-20 | CVE-2015-0535 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe and Bsafe Ssl-C EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a similar issue to CVE-2015-0204. | 5.0 |