Powerpath Management Appliance Security Vulnerabilities and Issues — Powerpath Management Appliance CVE List

Lucene search

DellPowerpath Management Appliance

8 matches found

CVE•added 2023/02/11 1:23 a.m.•38 views

CVE-2022-34447

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user.

7.2CVSS7.3AI score0.00346EPSS

CVE•added 2023/02/10 10:15 a.m.•38 views

CVE-2022-34452

PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.

2.7CVSS3.5AI score0.00149EPSS

CVE•added 2023/02/11 1:23 a.m.•34 views

CVE-2022-34448

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions.

8.8CVSS8.6AI score0.0022EPSS

CVE•added 2023/02/11 1:23 a.m.•34 views

CVE-2022-34450

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root.

6.7CVSS6.6AI score0.00052EPSS

CVE•added 2021/12/21 5:15 p.m.•33 views

CVE-2021-43587

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.

8.2CVSS6.5AI score0.00034EPSS

CVE•added 2023/02/11 1:23 a.m.•33 views

CVE-2022-34446

PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration.

8.8CVSS8.1AI score0.00048EPSS

CVE•added 2023/02/11 1:23 a.m.•33 views

CVE-2022-34449

PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application.

6CVSS5.7AI score0.00036EPSS

CVE•added 2023/02/11 1:23 a.m.•31 views

CVE-2022-34451

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to ...

4.8CVSS4.9AI score0.00294EPSS