CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2021/01/05 9:40 p.m.•49 views

CVE-2020-26199

Dell EMC Unity, Unity XT, and UnityVSA contain a plain-text password storage vulnerability in versions prior to 5.0.4.0.5.012. A local authenticated attacker with access to the log files can extract user credentials (including the Unisphere admin) and gain access with the compromised user’s privi...

6.7CVSS6.6AI score0.00047EPSS

CNNVD•added 2021/01/05 12:0 a.m.•2 views

Dell EMC Unity,UnityVSA 安全漏洞

DELL Dell EMC Unity and UnityVSA are both products of Dell DELL Corporation, U.S.A. Dell EMC Unity is a unified storage array product.UnityVSA is a set of virtual Unity storage environments. A security vulnerability exists in Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012,...

6.7CVSS6.6AI score0.0002EPSS

Exploits0References2

CNNVD•added 2021/01/05 12:0 a.m.•2 views

DELL Dell EMC Unity和UnityVSA 日志信息泄露漏洞

Dell EMC Unity is a unified storage array product. the UnityVSA is a set of virtual Unity storage environments. An information disclosure vulnerability exists in Dell EMC Unity, Unity XT and UnityVSA versions prior to 5.0.4.0.5.012. The vulnerability stems from the program storing user credential...

6.7CVSS6.6AI score0.00047EPSS

Exploits0References2

Cvelist•added 2020/02/06 5:45 p.m.•10 views

CVE-2020-5319

Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability an...

7.5CVSS7.6AI score0.01063EPSS

CVE•added 2020/02/06 5:45 p.m.•59 views

CVE-2020-5319

Dell EMC Unity family (Unity, Unity XT, UnityVSA) versions prior to 5.0.2.0.5.009 are affected by a Denial of Service vulnerability in the NAS Server SSH implementation used for SFTP. A remote unauthenticated attacker can cause a Storage Processor Panic by sending an out‑of‑order SSH sequence. Re...

7.8CVSS7.5AI score0.01063EPSS

OSV•added 2019/09/03 5:15 p.m.•0 views

CVE-2019-3754

Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. A remote unauthenticated attacker could...

6.1CVSS6.2AI score0.0016EPSS

Prion•added 2019/09/03 5:15 p.m.•14 views

Cross site scripting

4.3CVSS6.1AI score0.0016EPSS

Cvelist•added 2019/09/03 4:52 p.m.•12 views

CVE-2019-3754

4.7CVSS6.2AI score0.0016EPSS

CVE•added 2019/09/03 4:52 p.m.•114 views

CVE-2019-3754

Dell EMC CVE-2019-3754 affects Unity Operating Environment (and UnityVSA) versions prior to 5.0.0.0.5.116 and VNXe3200 prior to 3.1.10.9946299. It is a reflected cross-site scripting vulnerability on the cas/logout page: a remote unauthenticated attacker could induce a victim application user to ...

6.1CVSS6.1AI score0.0016EPSS

CNVD•added 2019/07/22 12:0 a.m.•1 views

Dell EMC Unity and UnityVSA Security Bypass Vulnerability

Dell EMC Unity and UnityVSA are both products of Dell, Inc.Dell EMC Unity is a unified storage array product.UnityVSA is a set of virtual Unity storage environments. A security vulnerability exists in Dell EMC Unity prior to version 5.0.0.0.5.116 and UnityVSA prior to version 5.0.0.0.5.116, which...

7.8CVSS6.7AI score0.00049EPSS

OSV•added 2019/07/18 4:15 p.m.•0 views

CVE-2019-3741

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s including the admin privilege user password is stored in a plain text in Unity Data Collection bundle logs files for troubleshooting. A local authenticated attacker...

7.8CVSS7.1AI score

NVD•added 2019/07/18 4:15 p.m.•7 views

CVE-2019-3734

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users...

5.4CVSS5.3AI score0.00129EPSS

NVD•added 2019/07/18 4:15 p.m.•10 views

CVE-2019-3741

7.8CVSS7.8AI score0.00049EPSS

Prion•added 2019/07/18 4:15 p.m.•18 views

Authorization

4CVSS4.5AI score0.00129EPSS

Prion•added 2019/07/18 4:15 p.m.•11 views

Default credentials

2.1CVSS7.7AI score0.00049EPSS

CVE•added 2019/07/18 3:47 p.m.•49 views

CVE-2019-3741

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 store a password in plaintext inside the Unity Data Collection bundle (logs). A local authenticated attacker with access to this bundle can use the exposed password to gain access with the compromised user’s privileges. The documents do ...

7.8CVSS7.7AI score0.00049EPSS

Cvelist•added 2019/07/18 3:47 p.m.•11 views

CVE-2019-3741

7.8CVSS7.8AI score0.00049EPSS

Cvelist•added 2019/07/18 3:47 p.m.•11 views

CVE-2019-3734

5.4CVSS5.3AI score0.00129EPSS

CVE•added 2019/07/18 3:47 p.m.•34 views

CVE-2019-3734

Dell EMC Unity and UnityVSA (before 5.0.0.0.5.116) contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially edit quota configurations for other users. The issue is rooted in authorization controls governing NAS...

5.4CVSS4.4AI score0.00129EPSS