Dell: Security Vulnerabilities (CVSS score between 4 and 4.99)

Wyse Management Suite versions prior to 4.0 contain a sensitive information disclosure vulnerability. An authenticated malicious user having local access to the system running the application could exploit this vulnerability to read sensitive information written to log files.
Max Base Score
4.4
Published 2023-07-20
Updated 2023-07-26
EPSS 0.04%
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to an unauthorized tenant group.
Max Base Score
4.9
Published 2023-07-20
Updated 2023-07-26
EPSS 0.05%
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
Max Base Score
4.6
Published 2023-08-16
Updated 2023-08-23
EPSS 0.04%
Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Max Base Score
4.6
Published 2023-06-23
Updated 2023-06-30
EPSS 0.05%
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.
Max Base Score
4.7
Published 2023-02-13
Updated 2023-02-23
EPSS 0.04%
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion.
Max Base Score
4.7
Published 2023-02-13
Updated 2023-02-23
EPSS 0.04%
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. An authenticated malicious admin user can edit general client policy for which the user is not authorized.
Max Base Score
4.9
Published 2023-02-11
Updated 2023-02-21
EPSS 0.04%
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Max Base Score
4.6
Published 2023-03-08
Updated 2023-03-15
EPSS 0.05%
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. An authenticated malicious admin user can edit general client policy for which the user is not authorized.
Max Base Score
4.9
Published 2023-02-11
Updated 2023-02-21
EPSS 0.04%
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized.
Max Base Score
4.9
Published 2023-02-11
Updated 2023-02-21
EPSS 0.04%
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability to hijack user sessions or trick a victim application user into unknowingly sending arbitrary requests to the server.
Max Base Score
4.8
Published 2023-02-11
Updated 2023-02-21
EPSS 0.05%
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
Max Base Score
4.9
Published 2023-01-18
Updated 2023-01-26
EPSS 0.05%
Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
Max Base Score
4.9
Published 2023-01-18
Updated 2023-01-26
EPSS 0.05%
Dell BIOS versions contain a Missing Release of Resource after Effective Lifetime vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by consuming excess memory in order to cause the application to crash.
Max Base Score
4.4
Published 2022-09-12
Updated 2023-06-29
EPSS 0.04%
Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API. A remote attacker could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
Max Base Score
4.9
Published 2022-06-24
Updated 2022-07-06
EPSS 0.11%
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x, 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x, 19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.
Max Base Score
4.9
Published 2022-05-26
Updated 2022-06-08
EPSS 0.07%
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability. A local user with access to the filesystem could potentially exploit this vulnerability, leading to data loss.
Max Base Score
4.4
Published 2022-04-12
Updated 2022-04-20
EPSS 0.04%
Wyse Device Agent version 14.6.1.4 and below contain a sensitive data exposure vulnerability. An authenticated malicious user could potentially exploit this vulnerability in order to view sensitive information from the WMS Server.
Max Base Score
4.4
Published 2022-04-01
Updated 2022-04-08
EPSS 0.04%
Dell EMC PowerScale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.
Max Base Score
4.4
Published 2022-04-08
Updated 2022-04-14
EPSS 0.04%
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts.
Max Base Score
4.3
Published 2022-01-24
Updated 2022-01-28
EPSS 0.05%
Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a content spoofing / text injection vulnerability, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate.
Max Base Score
4.3
Published 2021-08-03
Updated 2021-08-09
EPSS 0.07%
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an insufficient logging vulnerability. An authenticated user with ISI_PRIV_LOGIN_PAPI could make un-audited and un-trackable configuration changes to settings that their roles have privileges to change.
Max Base Score
4.3
Published 2021-08-16
Updated 2022-05-03
EPSS 0.05%
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path, which can lead to running resources that are not under the application’s direct control.
Max Base Score
4.4
Published 2021-08-03
Updated 2021-08-11
EPSS 0.04%
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to manipulate the username field under the comment section and set the value to any user.
Max Base Score
4.0
Published 2021-04-30
Updated 2022-10-25
EPSS 0.08%
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected parameters. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.
Max Base Score
4.8
Published 2021-04-30
Updated 2021-05-10
EPSS 0.07%
54 vulnerabilities found