Dell: Security Vulnerabilities
Dell Repository Manager, versions prior to 3.4.5, contains a Path Traversal vulnerability in API module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized write access to the files stored on the server filesystem with the privileges of the running web application.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-04-24
Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.
CVSS Score
3.3
EPSS Score
0.001
Published
2024-04-24
Dell Storage Resource Manager, 4.9.0.0 and below, contain(s) a Session Fixation Vulnerability in SRM Windows Host Agent. An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to the hijack of a targeted user's application session.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-04-12
Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-04-10
Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system.
CVSS Score
6.7
EPSS Score
0.001
Published
2024-04-10
Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search path, leading to system compromise.
CVSS Score
7.4
EPSS Score
0.001
Published
2024-04-10
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
CVSS Score
7.9
EPSS Score
0.001
Published
2024-04-03
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, to gain unauthorized access to the files stored on the server filesystem, with the privileges of the running web application.
CVSS Score
5.7
EPSS Score
0.004
Published
2024-03-29
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure.
CVSS Score
5.9
EPSS Score
0.002
Published
2024-03-28
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-03-28