CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3747

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a stored cross-site scripting vulnerability. A remote malicious ACM admin user may potentially exploit this vulnerability to store malicious HTML or JavaScript code in Cloud DR add-on specific field. When victim users access the page through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.8%

CVSS Severity

CVSS v3 Score 8.4

CVSS v2 Score 3.5

References

Products affected by CVE-2019-3747

Dell » Emc Idpa Dp4400 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp4400:-
Dell » Emc Idpa Dp5800 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp5800:-
Dell » Emc Idpa Dp8300 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp8300:-
Dell » Emc Idpa Dp8800 » Version: N/A

cpe:2.3:h:dell:emc_idpa_dp8800:-
Dell » Emc Integrated Data Protection Appliance Firmware » Version: 2.0

cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.0
Dell » Emc Integrated Data Protection Appliance Firmware » Version: 2.1

cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.1
Dell » Emc Integrated Data Protection Appliance Firmware » Version: 2.2

cpe:2.3:o:dell:emc_integrated_data_protection_appliance_firmware:2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3747

Products

Pricing

Contact Us