Lucene search
K

12 matches found

CVE
CVE
added 2024/06/28 1:33 a.m.66 views

CVE-2024-37137

Dell Key Trust Platform, v3.0.6 and earlier, contains a vulnerability described as Use of a Cryptographic Primitive with a Risky Implementation. The CVE-2024-37137 entry indicates a local privileged attacker could potentially obtain privileged information due to this insecure cryptographic usage....

5.5CVSS6.3AI score0.00117EPSS
CVE
CVE
added 2022/09/01 6:45 p.m.56 views

CVE-2022-34379

Dell EMC CloudLink, versions prior to and including 7.1.2, exposes an Authentication Bypass vulnerability. The root cause is weaknesses in the authentication procedure allowing a remote attacker who knows AD usernames to gain unauthorized access. Impact: unauthorized system access (high/C confide...

9.8CVSS9.4AI score0.00884EPSS
CVE
CVE
added 2021/11/23 8:0 p.m.55 views

CVE-2021-36313

Summary: CVE-2021-36313 affects Dell EMC CloudLink 7.1 and earlier. The vulnerability is an OS command injection that could allow a remote, high-privilege attacker to run arbitrary commands on the underlying OS with the application’s privileges, potentially leading to full system compromise. Affe...

9.1CVSS7.3AI score0.02076EPSS
CVE
CVE
added 2022/09/01 6:45 p.m.54 views

CVE-2022-34380

Dell CloudLink 7.1.3 and earlier versions contain an Authentication Bypass Using an Alternate Path or Channel vulnerability. A high-privilege local attacker could bypass authentication and access the CloudLink system console, effectively taking control of the system. Affected software: Dell Cloud...

9.3CVSS8.2AI score0.00192EPSS
CVE
CVE
added 2021/11/23 8:0 p.m.49 views

CVE-2021-36312

CVE-2021-36312 concerns Dell EMC CloudLink, affecting 7.1 and earlier. A hard-coded password vulnerability exists in CloudLink that could allow a remote, high-privileged attacker to gain unauthorized access to affected systems. The issue is documented across multiple sources (NVD entry and CNVD/C...

9.1CVSS8.9AI score0.01036EPSS
CVE
CVE
added 2023/05/16 3:26 p.m.47 views

CVE-2023-28076

Dell CloudLink (encryption and key management) prior to version 7.1.2 uses a broken or risky cryptographic algorithm. An unauthenticated remote attacker could exploit this to disclose information. A fix is available: update to 7.1.2 or later (per PT-2023-21537 and CNVD/Dell advisories). As a temp...

7.5CVSS7.4AI score0.00424EPSS
CVE
CVE
added 2025/11/05 4:36 p.m.17 views

CVE-2025-46364

Dell CloudLink, prior to version 8.1.1, is affected by a vulnerability described as a CLI Escape vulnerability that a privileged user with a known password can exploit to gain control of the system. The issue affects the CLI escape mechanism and is documented across several feeds (NVD, Red Hat, C...

9.1CVSS6.6AI score0.00298EPSS
CVE
CVE
added 2025/11/05 4:40 p.m.14 views

CVE-2025-46365

Dell CloudLink prior to 8.1.1 contains a command injection vulnerability that can be exploited by an authenticated attacker with local access to execute arbitrary commands on the system. The issue is documented across multiple sources (NVD/CNA RH Red Hat, CNVD, CIRCL, CNNVD, etc.) with consistent...

6.7CVSS6.7AI score0.00384EPSS
CVE
CVE
added 2025/11/05 4:46 p.m.13 views

CVE-2025-46424

Dell CloudLink prior to 8.2 is affected by a cryptographic primitive with a risky implementation that can lead to Denial of Service when exploited by a high-privilege attacker. The issue is documented across multiple sources (Dell CloudLink; CNVD; RH; NVD; CVE listings) and consistently notes the...

6.7CVSS6.1AI score0.00088EPSS
CVE
CVE
added 2025/11/05 4:31 p.m.12 views

CVE-2025-45379

Dell CloudLink is a data encryption and key management product. CVE-2025-45379 describes a command execution vulnerability where a privileged user with a known password can perform a command injection from the console to gain shell access. Affected versions are prior to 8.2. The issue is describe...

8.4CVSS7.3AI score0.00746EPSS
CVE
CVE
added 2025/11/05 4:50 p.m.10 views

CVE-2025-46366

Dell CloudLink is affected in versions prior to 8.1.1. A privileged user can exploit the vulnerability to achieve parallel privilege escalation or access the database to obtain confidential information. Root cause details are not explicitly described in the provided documents. Public references i...

6.7CVSS6.7AI score0.00126EPSS
CVE
CVE
added 2025/11/05 4:27 p.m.9 views

CVE-2025-30479

Dell CloudLink CVE-2025-30479 affects versions prior to 8.2. A privileged user with a known password can perform command injection to gain control of the system. No exploit specifics are provided in the initial documents beyond this description. Remediation guidance available in the referenced De...

8.4CVSS7.3AI score0.01161EPSS