Command injection

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user...

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to...

CVE-2022-34451

PowerPath Management Appliance (Dell) is affected by a Stored Cross‑site Scripting vulnerability. Affects versions 3.3, 3.2*, 3.1, and 3.0*; the issue is exploitable by an authenticated admin user who could hijack user sessions or induce a victim application user to issue arbitrary requests to th...

CVE-2022-34450

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root...

CVE-2022-34450

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root...

CVE-2022-34450

The CVE-2022-34450 entry concerns Dell PowerPath Management Appliance version 3.3, where an authenticated admin can escalate privileges to root. The vulnerability is described as an elevation of privilege allowing unrestricted code execution on the system. Public sources in the provided set ident...

CVE-2022-34449

PowerPath Management Appliance with versions 3.3 & 3.2 contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application...

CVE-2022-34449

PowerPath Management Appliance with versions 3.3 & 3.2 contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application...

CVE-2022-34449

PowerPath Management Appliance (Dell) versions 3.3 and 3.2* are affected by a Hardcoded Cryptographic Keys vulnerability. The issue enables authenticated admin users to view and modify sensitive information stored in the application due to hardcoded keys. Documented impact includes exposure of co...

CVE-2022-34448

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions...

CVE-2022-34448

Dell PowerPath Management Appliance versions 3.0–3.3 are affected by a Cross-site Request Forgery vulnerability that can be exploited by an unauthenticated, non-privileged user to perform privileged state-changing actions. Affected component is the PowerPath host management application; root caus...

CVE-2022-34448

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions...

CVE-2022-34447

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user...

CVE-2022-34447

Dell PowerPath Management Appliance (VM and Docker containerized) affected: versions 3.0, 3.1, 3.2, 3.3. The issue is an OS Command Injection vulnerability that an authenticated remote attacker with administrative privileges could exploit to run commands as root on the system. Root cause details ...

CVE-2022-34447

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user...

CVE-2022-34446

Dell PowerPath Management Appliance (VM/Docker) versions 3.2–3.3 are affected by an Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., Monitoring) can access sensitive data and modify configuration due to weak access control. Affected component: PowerP...

CVE-2022-34446

PowerPath Management Appliance with versions 3.3 & 3.2 contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges e.g., of role Monitoring can exploit this issue and gain access to sensitive information, and modify the configuration...

CVE-2022-34446

PowerPath Management Appliance with versions 3.3 & 3.2 contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges e.g., of role Monitoring can exploit this issue and gain access to sensitive information, and modify the configuration...

CVE-2022-34452

PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs...