Security Vulnerabilities - CVEs Published In August 2019
Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a privilege escalation vulnerability. A local non-privileged malicious user could exploit a Universal Windows Platform application by manipulating the install software package feature with a race condition and a path traversal exploit in order to run a malicious executable with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-08-09
A remote session reuse vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
CVSS Score
6.3
EPSS Score
0.002
Published
2019-08-09
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS Score
9.4
EPSS Score
0.032
Published
2019-08-09
A remote multiple cross-site scripting vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS Score
4.8
EPSS Score
0.003
Published
2019-08-09
A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS Score
8.8
EPSS Score
0.006
Published
2019-08-09
A remote authorization bypass vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS Score
7.3
EPSS Score
0.003
Published
2019-08-09
A remote session reuse vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS Score
7.2
EPSS Score
0.003
Published
2019-08-09
A remote information disclosure vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1.
CVSS Score
6.3
EPSS Score
0.002
Published
2019-08-09
Command View Advanced Edition (CVAE) products contain a vulnerability that could expose configuration information of hosts and storage systems that are managed by Device Manager server. This problem is due to a vulnerability in Device Manager GUI. The following products are affected. DevMgr version 7.0.0-00 to earlier than 8.6.1-02 RepMgr if it is installed on the same machine as DevMgr TSMgr if it is installed on the same machine as DevMgr. The resolution is to upgrade to the fixed version as described below or later version of DevMgr 8.6.2-02 or later. RepMgr and TSMgr will be corrected by upgrading DevMgr.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-08-09
OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-08-09