Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-03 | CVE-2019-3754 | Cross-site Scripting vulnerability in Dell products Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. | 6.1 |
| 2019-08-20 | CVE-2019-3753 | Insufficiently Protected Credentials vulnerability in Dell products Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior to 5.1.15.2 contain a plain-text password storage vulnerability. | 6.5 |
| 2019-08-05 | CVE-2019-3717 | Unspecified vulnerability in Dell products Select Dell Client Commercial and Consumer platforms contain an Improper Access Vulnerability. low complexity dell | 6.8 |
| 2019-07-18 | CVE-2019-3734 | Unspecified vulnerability in Dell products Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. | 4.3 |
| 2019-05-15 | CVE-2019-3727 | OS Command Injection vulnerability in Dell products Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. | 6.7 |
| 2019-04-25 | CVE-2019-3720 | Path Traversal vulnerability in Dell EMC Openmanage Server Administrator Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. | 4.9 |
| 2018-12-13 | CVE-2018-15776 | Unspecified vulnerability in Dell Idrac7 Firmware and Idrac8 Firmware Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. low complexity dell | 6.8 |
| 2018-12-05 | CVE-2018-15773 | Information Exposure vulnerability in Dell Data Protection | Encryption Dell Encryption (formerly Dell Data Protection | Encryption) v10.1.0 and earlier contain an information disclosure vulnerability. | 4.3 |
| 2018-11-30 | CVE-2018-15768 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell Openmanage Network Manager Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database. | 6.5 |
| 2018-11-26 | CVE-2018-11077 | OS Command Injection vulnerability in multiple products 'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. | 6.7 |