Lucene search
K
DellPowerpath Management Appliance

8 matches found

CVE
CVE
added 2023/02/10 8:48 p.m.50 views

CVE-2022-34447

Dell PowerPath Management Appliance (VM and Docker containerized) affected: versions 3.0, 3.1, 3.2, 3.3. The issue is an OS Command Injection vulnerability that an authenticated remote attacker with administrative privileges could exploit to run commands as root on the system. Root cause details ...

7.2CVSS7.3AI score0.01657EPSS
CVE
CVE
added 2023/02/10 9:33 a.m.50 views

CVE-2022-34452

PowerPath Management Appliance (Dell) versions 3.0–3.3 are affected by a sensitive information disclosure vulnerability that can be exploited by an authenticated admin to view sensitive information stored in logs. Root cause details are not provided in the documents, but remediation is available ...

2.7CVSS3.5AI score0.00435EPSS
CVE
CVE
added 2023/02/10 8:56 p.m.47 views

CVE-2022-34450

The CVE-2022-34450 entry concerns Dell PowerPath Management Appliance version 3.3, where an authenticated admin can escalate privileges to root. The vulnerability is described as an elevation of privilege allowing unrestricted code execution on the system. Public sources in the provided set ident...

6.7CVSS6.6AI score0.00419EPSS
CVE
CVE
added 2023/02/10 8:51 p.m.46 views

CVE-2022-34448

Dell PowerPath Management Appliance versions 3.0–3.3 are affected by a Cross-site Request Forgery vulnerability that can be exploited by an unauthenticated, non-privileged user to perform privileged state-changing actions. Affected component is the PowerPath host management application; root caus...

8.8CVSS8.6AI score0.00314EPSS
CVE
CVE
added 2023/02/10 8:53 p.m.46 views

CVE-2022-34449

PowerPath Management Appliance (Dell) versions 3.3 and 3.2* are affected by a Hardcoded Cryptographic Keys vulnerability. The issue enables authenticated admin users to view and modify sensitive information stored in the application due to hardcoded keys. Documented impact includes exposure of co...

6CVSS5.7AI score0.00176EPSS
CVE
CVE
added 2023/02/10 8:44 p.m.45 views

CVE-2022-34446

Dell PowerPath Management Appliance (VM/Docker) versions 3.2–3.3 are affected by an Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., Monitoring) can access sensitive data and modify configuration due to weak access control. Affected component: PowerP...

8.8CVSS8.1AI score0.00794EPSS
CVE
CVE
added 2021/12/21 5:5 p.m.43 views

CVE-2021-43587

CVE-2021-43587 affects Dell PowerPath Management Appliance (versions 3.2, 3.1, 3.0 P01, 3.0, 2.6) where a hard-coded cryptographic key enables a locally authenticated, high-privileged attacker to access secrets and escalate privileges. Root cause: hard-coded key in the appliance. Impact: unauthor...

8.2CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2023/02/10 8:59 p.m.41 views

CVE-2022-34451

PowerPath Management Appliance (Dell) is affected by a Stored Cross‑site Scripting vulnerability. Affects versions 3.3, 3.2*, 3.1, and 3.0*; the issue is exploitable by an authenticated admin user who could hijack user sessions or induce a victim application user to issue arbitrary requests to th...

4.8CVSS4.9AI score0.00341EPSS