![]() A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. ![]() A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP exposure.ĭell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. ![]() Exploitation may lead to information disclosure, session theft, or client-side request forgery.ĭell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. This is a critical issue so Dell recommends customers to upgrade at the earliest opportunity.ĭell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shell. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations.Ĭloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.ĭell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system.ĭell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |