Dell : Security Vulnerabilities CVSS score between 7 and 7.99
Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.
| Max Base Score | 7.8 |
| Published | 2023-08-16 |
| Updated | 2023-08-24 |
| EPSS | 0.04% |
Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.
| Max Base Score | 7.8 |
| Published | 2023-08-16 |
| Updated | 2023-08-22 |
| EPSS | 0.04% |
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.
| Max Base Score | 7.1 |
| Published | 2023-08-16 |
| Updated | 2023-08-22 |
| EPSS | 0.04% |
Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure.
| Max Base Score | 7.8 |
| Published | 2023-08-16 |
| Updated | 2023-08-22 |
| EPSS | 0.04% |
Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.
| Max Base Score | 7.8 |
| Published | 2023-08-16 |
| Updated | 2023-08-22 |
| EPSS | 0.04% |
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
| Max Base Score | 7.5 |
| Published | 2023-06-23 |
| Updated | 2023-07-05 |
| EPSS | 0.09% |
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.
| Max Base Score | 7.8 |
| Published | 2023-07-27 |
| Updated | 2023-08-02 |
| EPSS | 0.04% |
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
| Max Base Score | 7.8 |
| Published | 2023-06-22 |
| Updated | 2023-06-28 |
| EPSS | 0.05% |
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
| Max Base Score | 7.3 |
| Published | 2023-05-30 |
| Updated | 2023-06-06 |
| EPSS | 0.04% |
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains Insecure File and Folder Permissions vulnerability. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
| Max Base Score | 7.8 |
| Published | 2023-05-30 |
| Updated | 2023-06-06 |
| EPSS | 0.04% |
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.
| Max Base Score | 7.5 |
| Published | 2023-05-16 |
| Updated | 2023-05-25 |
| EPSS | 0.11% |
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.
| Max Base Score | 7.8 |
| Published | 2023-09-04 |
| Updated | 2023-09-08 |
| EPSS | 0.05% |
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
| Max Base Score | 7.1 |
| Published | 2023-06-23 |
| Updated | 2023-06-30 |
| EPSS | 0.04% |
Alienware Command Center Application, versions 5.5.43.0 and prior, contain an improper access control vulnerability. A local malicious user could potentially exploit this vulnerability during installation or update process leading to privilege escalation.
| Max Base Score | 7.8 |
| Published | 2023-05-03 |
| Updated | 2023-05-09 |
| EPSS | 0.04% |
Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path
| Max Base Score | 7.8 |
| Published | 2023-05-05 |
| Updated | 2023-05-30 |
| EPSS | 0.04% |
Dell OS Recovery Tool, versions 2.2.4013 and 2.3.7012.0, contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability in order to elevate privileges on the system.
| Max Base Score | 7.8 |
| Published | 2023-06-01 |
| Updated | 2023-06-09 |
| EPSS | 0.04% |
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.
| Max Base Score | 7.3 |
| Published | 2023-06-23 |
| Updated | 2023-06-30 |
| EPSS | 0.04% |
Dell Power Manager, versions 3.10 and prior, contains an Improper Access Control vulnerability. A low-privileged attacker could potentially exploit this vulnerability to elevate privileges on the system.
| Max Base Score | 7.8 |
| Published | 2023-04-07 |
| Updated | 2023-04-13 |
| EPSS | 0.04% |
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges.
| Max Base Score | 7.8 |
| Published | 2023-04-20 |
| Updated | 2023-04-29 |
| EPSS | 0.04% |
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.
| Max Base Score | 7.1 |
| Published | 2023-04-06 |
| Updated | 2023-04-12 |
| EPSS | 0.04% |
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. An attacker with low privileges could potentially exploit this vulnerability, leading to gain access to unauthorized data.
| Max Base Score | 7.1 |
| Published | 2023-05-19 |
| Updated | 2023-05-26 |
| EPSS | 0.05% |
Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to Denial of service, escalation of privileges, and information disclosure. This vulnerability breaks the compliance mode guarantee.
| Max Base Score | 7.8 |
| Published | 2023-04-04 |
| Updated | 2023-04-11 |
| EPSS | 0.04% |
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees.
| Max Base Score | 7.8 |
| Published | 2023-04-04 |
| Updated | 2023-06-22 |
| EPSS | 0.04% |
DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.
| Max Base Score | 7.5 |
| Published | 2023-05-04 |
| Updated | 2023-05-31 |
| EPSS | 0.05% |
Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks.
| Max Base Score | 7.5 |
| Published | 2023-03-01 |
| Updated | 2023-03-10 |
| EPSS | 0.05% |