CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2023/05/30 4:15 p.m.•10 views

Code injection

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user non-admin can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM...

4.1CVSS7.6AI score0.00131EPSS

Prion•added 2023/05/30 4:15 p.m.•13 views

Design/Logic Flaw

PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems...

1.7CVSS5.4AI score0.00069EPSS

CVE•added 2023/05/30 3:29 p.m.•38 views

CVE-2023-32448

Affected product: Dell PowerPath for Windows (versions 7.0–7.2). Vulnerability: License key is stored in cleartext in the installation directory, enabling a local user with access to retrieve the key and use it to license PowerPath on other systems. Impact: Local access may lead to unauthorized l...

5.5CVSS5.4AI score0.00069EPSS

Vulnrichment•added 2023/05/30 3:29 p.m.•6 views

CVE-2023-32448

5.5CVSS5.4AI score0.00069EPSS

Cvelist•added 2023/05/30 3:29 p.m.•8 views

CVE-2023-32448

5.5CVSS5.7AI score0.00069EPSS

Vulnrichment•added 2023/05/30 3:24 p.m.•7 views

CVE-2023-28080

6.7CVSS7.9AI score0.00131EPSS

CVE•added 2023/05/30 3:24 p.m.•35 views

CVE-2023-28080

PowerPath for Windows (Dell) versions 7.0, 7.1, and 7.2 contain DLL hijacking vulnerabilities that a local non-admin user can exploit to escalate privileges and execute code with NT AUTHORITY\SYSTEM privileges. The issue is documented across multiple feeds (NVD and vendor/national advisories) and...

7.3CVSS7.6AI score0.00131EPSS

Cvelist•added 2023/05/30 3:24 p.m.•12 views

CVE-2023-28080

6.7CVSS7.8AI score0.00131EPSS

Cvelist•added 2023/05/30 3:20 p.m.•12 views

CVE-2023-28079

7CVSS8.2AI score0.00076EPSS

Vulnrichment•added 2023/05/30 3:20 p.m.•6 views

CVE-2023-28079

7CVSS7.9AI score0.00076EPSS

CVE•added 2023/05/30 3:20 p.m.•41 views

CVE-2023-28079

CVE-2023-28079 concerns Dell’s PowerPath for Windows, affecting versions 7.0, 7.1 and 7.2. The root cause is improper management of file and folder permissions, enabling a non‑administrative user to escalate privileges and execute code with NT AUTHORITY\SYSTEM privileges. The vulnerability is loc...

7.8CVSS7.9AI score0.00076EPSS

NCSC•added 2023/05/30 12:0 a.m.•2 views

Vulnerabilities fixed in Dell EMC Powerpath

Dell has fixed vulnerabilities in Powerpath. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute code with SYSTEM privileges, or to gain access to the license key and thereby perform unauthorized new installations. Dell has released updat...

7.8CVSS7.6AI score0.00131EPSS

Exploits0

Positive Technologies•added 2023/05/30 12:0 a.m.•2 views

PT-2023-21538 · Dell · Powerpath For Windows

Name of the Vulnerable Software and Affected Versions: PowerPath for Windows versions 7.0 through 7.2 Description: The issue allows a regular user to exploit weak folder and file permissions, potentially escalating privileges and executing arbitrary code in the context of NT AUTHORITYSYSTEM...

7.8CVSS7.8AI score0.00076EPSS

CNNVD•added 2023/05/30 12:0 a.m.•1 views

Dell PowerPath Management Appliance 代码问题漏洞

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A code issue vulnerability exists in Dell PowerPath Management Appliance versions 7.0, 7.1, and 7.2. An...

7.3CVSS7.8AI score0.00131EPSS

Positive Technologies•added 2023/05/30 12:0 a.m.•1 views

PT-2023-23795 · Dell · Powerpath

Name of the Vulnerable Software and Affected Versions: PowerPath for Windows versions 7.0 through 7.2 Description: The issue allows a local user with access to the installation directory to retrieve the license key of the product. This license key can then be used to install and license PowerPath...

5.5CVSS5.4AI score0.00069EPSS

CNNVD•added 2023/05/30 12:0 a.m.•1 views

Dell PowerPath Management Appliance 安全漏洞

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. An authorization issue vulnerability exists in Dell PowerPath Management Appliance versions 7.0, 7.1, a...

7.8CVSS7.2AI score0.00076EPSS

CNNVD•added 2023/05/30 12:0 a.m.•1 views

Dell PowerPath Management Appliance 安全漏洞

Dell PowerPath Management Appliance is a PowerPath host management application from Dell USA that offers two models: a virtual machine-based appliance and a Docker containerized appliance. A security vulnerability exists in Dell PowerPath Management Appliance version 7.0, 7.1, and 7.2. An attacke...

5.5CVSS5.8AI score0.00069EPSS

CNVD•added 2023/04/19 12:0 a.m.•16 views

Dell PowerPath Management Appliance Elevation of Privilege Vulnerability

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. An elevation of privilege vulnerability exists in Dell PowerPath Management Appliance version 3.3, whic...

6.7CVSS7.4AI score0.00088EPSS

CNVD•added 2023/04/19 12:0 a.m.•13 views

Dell PowerPath Management Appliance Cross-Site Request Forgery Vulnerability

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. The Dell PowerPath Management Appliance suffers from a cross-site request forgery vulnerability that ca...

8.8CVSS8.8AI score0.00221EPSS