5 matches found
CVE-2019-3762
Affected product/versions: Dell EMC Data Protection Central 1.0, 1.0.1, 18.1, 18.2, 19.1. Root cause: Improper certificate chain of trust. Impact: Unauthenticated remote attacker could obtain a CA-signed certificate to impersonate a valid system and compromise data integrity. Remediation/public f...
CVE-2022-34367
CVE-2022-34367 affects Dell EMC Data Protection Central versions 19.1–19.6. The vulnerability is a Cross‑Site Request Forgery (CSRF) that could allow a remote unauthenticated attacker to trigger unintended server operations. Exploitation details are not provided in the documents; the impact is de...
CVE-2022-45102
Dell EMC Data Protection Central (CVE-2022-45102) affects versions 19.1–19.7 and involves a Host header injection vulnerability. The underlying issue allows a remote unauthenticated attacker to inject arbitrary Host header values, which can poison a web cache or trigger redirections. Connected so...
CVE-2021-43588
Dell EMC Data Protection Central 19.5 contains an Improper Input Validation vulnerability that could allow a remote unauthenticated attacker to cause denial of service. This is supported by CVE-2021-43588 and NVD metrics listing affected product/version and impact. The supplied connected document...
CVE-2021-36349
Dell EMC Data Protection Central (DPC) versions 19.5 and earlier are affected by a Server-Side Request Forgery (SSRF) in the DPC DNS client processing. The root cause is failure to validate user input, enabling a remote attacker to probe external/internal resources from the server. This could all...