Lucene search

9 matches found

CVE
added 2022/01/21 9:15 p.m., 106 views

CVE-2022-22553

Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication Attempts Vulnerability that can be exploited from UI and CLI. An adjacent unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is po...

9.8 CVSS, 9.4 AI score, 0.00464 EPSS

CVE
added 2022/01/21 9:15 p.m., 94 views

CVE-2022-22551

Dell EMC AppSync versions 3.9 to 4.3 use the GET request method with sensitive query strings. An adjacent, unauthenticated attacker could potentially exploit this vulnerability and hijack the victim session.

8.8 CVSS, 8.5 AI score, 0.00139 EPSS

CVE
added 2022/01/21 9:15 p.m., 79 views

CVE-2022-22552

Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executing state changing operations.

6.9 CVSS, 6.1 AI score, 0.00209 EPSS

CVE
added 2022/04/21 9:15 p.m., 69 views

CVE-2022-24424

Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web appl...

7.5 CVSS, 7.5 AI score, 0.00666 EPSS

CVE
added 2024/10/09 7:15 a.m., 40 views

CVE-2024-39586

Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure.

4.3 CVSS, 6.8 AI score, 0.00029 EPSS

CVE
added 2024/02/08 10:15 a.m., 38 views

CVE-2024-22464

Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote attacker could potentially exploit this vulnerability, leading to the disclosure of certain user creden...

6.8 CVSS, 6.2 AI score, 0.00103 EPSS

CVE
added 2024/12/17 12:15 p.m., 35 views

CVE-2024-52542

Dell AppSync, version 4.6.0.x, contains a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering.

5.5 CVSS, 6.3 AI score, 0.00026 EPSS

CVE
added 2 days ago, 2 views

CVE-2025-32744

Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to remote execution.

6.6 CVSS, 6.7 AI score, 0.00183 EPSS

CVE
added 2 days ago, 2 views

CVE-2025-36603

Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure and information tampering.

4.2 CVSS, 6.2 AI score, 0.00017 EPSS