EUVD-2021-8861

Malicious code in bioql PyPI...

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account...

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account...

Design/Logic Flaw

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account...

CVE-2022-29085

CVE-2022-29085 affects Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173. The issue is a plain-text password storage vulnerability in which credentials of a high-privilege user are stored in plain text when certain off-array tools run on the system. A local high-privile...

CVE-2022-29084

Dell Unity, Dell UnityVSA, and Dell Unity XT versions before 5.2.0.0.5.173 do not restrict excessive authentication attempts in Unisphere GUI. A remote unauthenticated attacker may potentially exploit this vulnerability to brute-force passwords and gain access to the system as the victim. Account...

CVE-2022-29084

Dell Unity family (Dell Unity, Dell UnityVSA, Dell Unity XT) versions before 5.2.0.0.5.173 are affected. The issue is that Unisphere GUI does not limit excessive authentication attempts, enabling a remote unauthenticated attacker to brute-force passwords and potentially take over accounts. Affect...

CVE-2022-29091

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. An Unauthenticated Remote Attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a...

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges...

CVE-2021-43589

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...

Command injection

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...

CVE-2021-43589

Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain an operating system OS command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands o...

CVE-2021-43589

The CVE-2021-43589 entry describes a local OS command injection in Dell EMC Unity family (Unity, UnityVSA, UnityXT) for versions prior to 5.1.2.0.5.007. A locally authenticated user with high privileges may execute arbitrary commands on the Unity underlying OS with the vulnerable application’s pr...

CVE-2021-21589

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

CVE-2021-21589

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

CVE-2021-21590

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user...

Default credentials

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user...

CVE-2021-21591

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user...

CVE-2021-21591

CVE-2021-21591 affects Dell EMC Unity, Unity XT, and UnityVSA. The issue is a plain-text password storage vulnerability in versions prior to 5.1.0.0.5.394. A local high-privilege attacker could leverage an exposed password to access the system with the compromised user’s privileges. Exploitation ...

CVE-2021-21590

CVE-2021-21590 affects Dell EMC Unity, Unity XT, and UnityVSA (pre-5.1.0.0.5.394). The issue is a plain-text password storage vulnerability in the product’s local authentication data. A local, high-privilege attacker can use an exposed password to access the system with the compromised user’s pri...