7 matches found
CVE-2024-37143
CVE-2024-37143 affects Dell PowerFlex family: PowerFlex appliance versions before IC 46.381.00 and IC 46.376.00; PowerFlex rack versions before RCM 3.8.1.0 (RCM 3.8.x) or before RCM 3.7.6.0 (RCM 3.7.x); PowerFlex custom node with PowerFlex Manager versions before 4.6.1.0; Dell InsightIQ before 5....
CVE-2024-37144
CVE-2024-37144 affects Dell PowerFlex family: appliance versions prior to IC 46.381.00 and IC 46.376.00; PowerFlex rack prior to RCM 3.8.1.0 (RCM 3.8.x train) or prior to 3.7.6.0 (RCM 3.7.x); custom nodes with PowerFlex Manager prior to 4.6.1.0; InsightIQ prior to 5.1.1; Data Lakehouse prior to 1...
CVE-2024-47483
CVE-2024-47483 affects Dell Data Lakehouse versions 1.0.0.0–1.1.0.0 . A vulnerability in SQL injection arises from improper neutralization of SQL elements, allowing an unauthenticated, locally present attacker to cause information disclosure . The connected PT-2024-32632 entry notes a remediation...
CVE-2024-47481
Dell Data Lakehouse vulnerable component: versions 1.0.0.0 and 1.1.0.0 suffer from Improper Access Control, resulting in potential Denial of Service when accessed by an unauthenticated attacker on an adjacent network. The connected sources (NVD/CNNVD) confirm the issue and list the affected versi...
CVE-2024-38302
CVE-2024-38302 affects Dell Data Lakehouse 1.0.0.0, with a Missing Encryption of Sensitive Data vulnerability in the DDAE (Starburst). A low-privileged attacker with adjacent network access could cause information disclosure. The connected sources provide this vulnerability detail but do not incl...
CVE-2025-21110
CVE-2025-21110 affects Dell Data Lakehouse versions prior to 1.5.0.0. The issue is an Execution with Unnecessary Privileges vulnerability that a high-privilege, local attacker could exploit to cause a Denial of Service . Multiple sources describe the same flaw and indicate remediation to update t...
CVE-2025-46608
Dell Data Lakehouse prior to version 1.6.0.0 contains an Improper Access Control vulnerability that could allow a remote, high-privileged attacker to achieve Elevation of Privileges, potentially compromising system integrity and customer data. Multiple sources (NVD, RH, CIRCL, CVE lists, PT-Secur...