Lucene search
K

5 matches found

CNVD
CNVD
added 2021/07/14 12:0 a.m.21 views

Dell powerflex presentation server data forgery issue vulnerability

DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...

6.5CVSS2.7AI score0.00336EPSS
Exploits0References1
NVD
NVD
added 2021/07/12 4:15 p.m.15 views

CVE-2021-21588

Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacker could potentially exploit this vulnerability by tricking the user into performing unwanted actions on the Presentation Server and perform which may lead ...

6.5CVSS0.00336EPSS
Exploits0References1
Prion
Prion
added 2021/07/12 4:15 p.m.15 views

Cross site scripting

Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacker could potentially exploit this vulnerability by tricking the user into performing unwanted actions on the Presentation Server and perform which may lead ...

4.3CVSS4.6AI score0.00336EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/12 3:40 p.m.15 views

CVE-2021-21588

Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacker could potentially exploit this vulnerability by tricking the user into performing unwanted actions on the Presentation Server and perform which may lead ...

6.5CVSS6.6AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.6 views

Dell EMC PowerFlex数据伪造问题漏洞

DELL Dell EMC PowerFlex is an application from Dell of America DELL, Inc. Dell powerflex presentation server data forgery issue vulnerability, which originates from the product's websocket in the Presentation Server/WebUI does not do user identity An attacker could hijack the Websocket to trick...

6.5CVSS5.6AI score0.00336EPSS
Exploits0References2
Rows per page
Query Builder