16 matches found
CVE-2021-21531
Dell Unisphere for PowerMax (
CVE-2022-31233
CVE-2022-31233 affects Dell EMC Unisphere for PowerMax prior to version 9.2.3.15, with a privilege-escalation issue that could allow an adjacent user to gain elevated access to restricted functionality. Connected sources indicate a related historical context to CVE-2021-36338 (partial fix) and po...
CVE-2021-36338
Dell EMC Unisphere for PowerMax is affected by a privilege-escalation vulnerability in versions prior to 9.2.3.15 (and earlier fixed partialy by CVE-2022-31233 for the 9.2.2.x line). An adjacent malicious user could potentially escalate privileges and access restricted functionalities. Remediatio...
CVE-2022-45103
CVE-2022-45103 affects Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp 9.2.3.x. The vulnerability is an information disclosure caused by improper input validation in the download logging functionality, enabling a low-privilege remote attacker to read arbitrary file...
CVE-2023-48661
Dell vApp Manager prior to 9.2.4.x is affected by an arbitrary file read vulnerability. A remote attacker with high privileges could read arbitrary files from the target system. The issue is documented across multiple sources (NVD entry CVE-2023-48661 and related CNVD/PT advisories) and is trigge...
CVE-2021-21548
CVE-2021-21548 affects Dell EMC Unisphere for PowerMax family: PowerMax OS Release 5978, and Unisphere for PowerMax/Virtual Appliance releases prior to 9.1.0.27. The flaw is improper certificate validation in TLS, allowing an unauthenticated remote attacker to mount a man-in-the-middle attack by ...
CVE-2023-48671
Dell vApp Manager is affected by an information disclosure vulnerability in versions prior to 9.2.4.x. The issue allows a remote attacker to obtain sensitive information that could aid in further attacks. The confirmed workaround/mitigation is to upgrade to version 9.2.4.x or later. Exploitation ...
CVE-2020-35170
CVE-2020-35170 is described across multiple sources as a Cross-Site Scripting (XSS) vulnerability affecting Dell EMC Unisphere for PowerMax (and PowerMax OS) prior to specific versions: Unisphere for PowerMax < 9.1.0.9 and
CVE-2021-36339
The CVE-2021-36339 issue affects Dell EMC Virtual Appliances prior to version 9.2.2.2, where undocumented user accounts exist. This enables a local attacker with access to the appliance to potentially obtain privileged access. The vulnerability is rooted in the presence of hidden accounts rather ...
CVE-2020-5367
CVE-2020-5367 affects Dell EMC Unisphere for PowerMax (pre-9.1.0.17), Unisphere for PowerMax Virtual Appliance (pre-9.1.0.17), and PowerMax OS Release 5978. The flaw is improper certificate validation, enabling an unauthenticated remote attacker to perform a man-in-the-middle attack by presenting...
CVE-2020-5345
CVE-2020-5345 affects Dell EMC Unisphere for PowerMax, its Virtual Appliance, and PowerMax OS Release 5978. Affected: Unisphere for PowerMax versions prior to 9.1.0.17, Unisphere for PowerMax Virtual Appliance prior to 9.1.0.17, and PowerMax OS Release 5978. Root cause: authorization bypass allow...
CVE-2023-48665
Dell vApp Manager, versions prior to 9.2.4.x, contains a command injection vulnerability. A remote attacker with high privileges could exploit this over the network to execute arbitrary OS commands on the affected system, impacting confidentiality, integrity, and availability. Supported details d...
CVE-2023-48664
CVE-2023-48664 affects Dell vApp Manager. The vulnerability exists in Dell Virtual Appliance Manager prior to version 9.2.4.x and enables a remote attacker with high privileges to execute arbitrary OS commands on the affected system via a command-injection flaw. Documented impact is arbitrary com...
CVE-2023-48662
CVE-2023-48662 describes a command injection vulnerability in Dell Virtual Appliance Manager (Dell vApp Manager). Affected are Dell vApp Manager versions prior to 9.2.4.x. A remote attacker with high privileges could potentially execute arbitrary operating system commands on the affected system. ...
CVE-2023-48663
Dell vApp Manager (Dell Virtual Appliance Manager) is affected. Versions prior to 9.2.4.x contain a command-injection vulnerability that could allow a remote, high-privilege attacker to execute arbitrary OS commands on the affected system. Exploitation details are not provided in the connected do...
CVE-2023-48660
Dell Virtual Appliance Manager (Dell vApp Manger) is affected by CVE-2023-48660. The vulnerability exists in versions prior to 9.2.4.x and allows a remote attacker to read arbitrary files from the target system, impacting confidentiality. The CVSS from NVD/EU sources indicates network access, low...