12 matches found
CVE-2024-37137
Dell Key Trust Platform, v3.0.6 and earlier, contains a vulnerability described as Use of a Cryptographic Primitive with a Risky Implementation. The CVE-2024-37137 entry indicates a local privileged attacker could potentially obtain privileged information due to this insecure cryptographic usage....
CVE-2022-34379
Dell EMC CloudLink, versions prior to and including 7.1.2, exposes an Authentication Bypass vulnerability. The root cause is weaknesses in the authentication procedure allowing a remote attacker who knows AD usernames to gain unauthorized access. Impact: unauthorized system access (high/C confide...
CVE-2021-36313
Summary: CVE-2021-36313 affects Dell EMC CloudLink 7.1 and earlier. The vulnerability is an OS command injection that could allow a remote, high-privilege attacker to run arbitrary commands on the underlying OS with the application’s privileges, potentially leading to full system compromise. Affe...
CVE-2022-34380
Dell CloudLink 7.1.3 and earlier versions contain an Authentication Bypass Using an Alternate Path or Channel vulnerability. A high-privilege local attacker could bypass authentication and access the CloudLink system console, effectively taking control of the system. Affected software: Dell Cloud...
CVE-2021-36312
CVE-2021-36312 concerns Dell EMC CloudLink, affecting 7.1 and earlier. A hard-coded password vulnerability exists in CloudLink that could allow a remote, high-privileged attacker to gain unauthorized access to affected systems. The issue is documented across multiple sources (NVD entry and CNVD/C...
CVE-2023-28076
Dell CloudLink (encryption and key management) prior to version 7.1.2 uses a broken or risky cryptographic algorithm. An unauthenticated remote attacker could exploit this to disclose information. A fix is available: update to 7.1.2 or later (per PT-2023-21537 and CNVD/Dell advisories). As a temp...
CVE-2025-46364
Dell CloudLink, prior to version 8.1.1, is affected by a vulnerability described as a CLI Escape vulnerability that a privileged user with a known password can exploit to gain control of the system. The issue affects the CLI escape mechanism and is documented across several feeds (NVD, Red Hat, C...
CVE-2025-46365
Dell CloudLink prior to 8.1.1 contains a command injection vulnerability that can be exploited by an authenticated attacker with local access to execute arbitrary commands on the system. The issue is documented across multiple sources (NVD/CNA RH Red Hat, CNVD, CIRCL, CNNVD, etc.) with consistent...
CVE-2025-46424
Dell CloudLink prior to 8.2 is affected by a cryptographic primitive with a risky implementation that can lead to Denial of Service when exploited by a high-privilege attacker. The issue is documented across multiple sources (Dell CloudLink; CNVD; RH; NVD; CVE listings) and consistently notes the...
CVE-2025-45379
Dell CloudLink is a data encryption and key management product. CVE-2025-45379 describes a command execution vulnerability where a privileged user with a known password can perform a command injection from the console to gain shell access. Affected versions are prior to 8.2. The issue is describe...
CVE-2025-46366
Dell CloudLink is affected in versions prior to 8.1.1. A privileged user can exploit the vulnerability to achieve parallel privilege escalation or access the database to obtain confidential information. Root cause details are not explicitly described in the provided documents. Public references i...
CVE-2025-30479
Dell CloudLink CVE-2025-30479 affects versions prior to 8.2. A privileged user with a known password can perform command injection to gain control of the system. No exploit specifics are provided in the initial documents beyond this description. Remediation guidance available in the referenced De...