CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dell: >> Emc Vnx2 Firmware Security Vulnerabilities

CVE-2019-3704

VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated malicious user could potentially execute arbitrary OS commands as root by exploiting this vulnerability.

CVSS Score

7.8

EPSS Score

0.003

Published

2019-02-07

CVE-2017-14383

In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary HTML code in the user's browser session in the context of the affected web application.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-01-04

Page 1

Vulnerabilities

Vulnerable Software

Dell: >> Emc Vnx2 Firmware Security Vulnerabilities

Products

Pricing

Contact Us