CVE-2024-39586

Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure...

PT-2024-28543 · Dell · Dell Appsync Server

Name of the Vulnerable Software and Affected Versions: Dell AppSync Server versions 4.3 through 4.6 Description: The issue is related to an XML External Entity Injection, which could be exploited by an adjacent high privileged attacker, potentially leading to information disclosure...

Dell AppSync Server 代码问题漏洞

Dell AppSync Server is a copy data management software from Dell USA. An XML external entity injection vulnerability exists in Dell AppSync Server versions 4.3 through 4.6, which arises from a networked system or product that does not have the correct filters in place to allow references to...

CVE-2024-25957

Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync...

CVE-2024-25957

Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync...

CVE-2024-25957

Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync...

PT-2024-21241 · Dell · Dell Grab For Windows

Name of the Vulnerable Software and Affected Versions: Dell Grab for Windows versions 5.0.4 and below Description: The issue concerns a cleartext storage of sensitive information in the appsync module. An authenticated local attacker could potentially exploit this, leading to information disclosu...

Dell Grab 日志信息泄露漏洞

Dell Grab is a configuration technology from Dell, Inc. It is used to collect data on hosts connected to Dell EMC storage devices. A log information disclosure vulnerability exists in Dell Grab 5.0.4 and prior versions, which stems from the appsync module containing sensitive information stored i...

Dell EMC AppSync Log Information Disclosure Vulnerability

Dell EMC AppSync is a replication data management software from Dell, Inc. It provides an SLA-driven, simple self-service approach to protecting, recovering, and cloning critical Microsoft and Oracle applications as well as VMware environments. A log information disclosure vulnerability exists in...

CVE-2024-22464

Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user...

CVE-2024-22464

Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user...

Design/Logic Flaw

Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user...

CVE-2024-22464

Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user...

CVE-2024-22464

Dell EMC AppSync (versions 4.2.0.0–4.6.0.0) contains a log-based information disclosure vulnerability in AppSync server logs. A high-privilege remote attacker could potentially access exposed credentials from logs, enabling unauthorized access with the compromised account’s privileges. Affected p...

CVE-2024-22464

Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user...

PT-2024-19439 · Dell Emc · Dell Emc Appsync

Name of the Vulnerable Software and Affected Versions: Dell EMC AppSync versions 4.2.0.0 through 4.6.0.0 Description: The issue allows a high privileged remote attacker to potentially exploit an exposure of sensitive information vulnerability in AppSync server logs, leading to the disclosure of...

Dell EMC AppSync 日志信息泄露漏洞

Dell EMC AppSync is a replication data management software from Dell, Inc. It provides an SLA-driven, simple self-service approach to protecting, recovering, and cloning critical Microsoft and Oracle applications as well as VMware environments. A log information disclosure vulnerability exists in...

Dell EMC AppSync Access Control Error Vulnerability

Dell EMC AppSync is a replication data management software from Dell, Inc. It provides a simple self-service, SLA-driven approach to protecting, recovering and cloning critical Microsoft and Oracle applications and VMware environments. An Access Control Error vulnerability exists in Dell EMC...

CVE-2023-32458

Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation...

CVE-2023-32458

Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation...