Dell: Security Vulnerabilities
Dell Networking Switches running Enterprise SONiC OS, version(s) prior to 4.4.1 and 4.2.3, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-01-30
Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-01-15
Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability.
A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file deletion.
CVSS Score
6.6
EPSS Score
0.0
Published
2025-01-15
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-01-08
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-01-08
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-01-08
Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-01-07
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service.
CVSS Score
5.0
EPSS Score
0.0
Published
2025-01-06
Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket or object-level access and the necessary privileges could potentially exploit this vulnerability to bypass retention policies and delete objects.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-12-26
Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-12-25