Vulnerabilities (CVE)

Filtered by vendor Dell Subscribe
Total 958 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44290 1 Dell 1 Command\|monitor 2023-12-10 N/A 7.8 HIGH
Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.
CVE-2023-43082 1 Dell 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment 2023-12-10 N/A 5.9 MEDIUM
Dell Unity prior to 5.3 contains a 'man in the middle' vulnerability in the vmadapter component. If a customer has a certificate signed by a third-party public Certificate Authority, the vCenter CA could be spoofed by an attacker who can obtain a CA-signed certificate.
CVE-2023-39256 1 Dell 1 Rugged Control Center 2023-12-10 N/A 7.8 HIGH
Dell Rugged Control Center, version prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder during product installation and upgrade, leading to privilege escalation on the system.
CVE-2023-39246 2 Dell, Microsoft 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more 2023-12-10 N/A 7.3 HIGH
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation
CVE-2023-44282 1 Dell 1 Repository Manager 2023-12-10 N/A 7.8 HIGH
Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges.
CVE-2023-44289 1 Dell 1 Command\|configure 2023-12-10 N/A 7.8 HIGH
Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.
CVE-2023-43081 1 Dell 1 Powerprotect Agent For File System 2023-12-10 N/A 3.3 LOW
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.
CVE-2023-39257 1 Dell 1 Rugged Control Center 2023-12-10 N/A 7.8 HIGH
Dell Rugged Control Center, version prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system.
CVE-2023-43086 1 Dell 1 Command\|configure 2023-12-10 N/A 7.8 HIGH
Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside installation folder during application upgrade, leading to privilege escalation.
CVE-2023-43089 1 Dell 1 Rugged Control Center 2023-12-10 N/A 3.3 LOW
Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user could potentially exploit this vulnerability to modify the content of the policy file, leading to unauthorized access to resources.
CVE-2023-44296 1 Dell 1 E-lab Navigator 2023-12-10 N/A 5.5 MEDIUM
Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local attacker could potentially exploit this vulnerability, leading to unauthorized access to sensitive data. Successful exploitation may result in the compromise of confidential user information.
CVE-2023-39259 1 Dell 1 Os Recovery Tool 2023-12-10 N/A 7.8 HIGH
Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system.
CVE-2023-44302 1 Dell 2 Powerprotect Data Manager Dm5500, Powerprotect Data Manager Dm5500 Firmware 2023-12-10 N/A 9.8 CRITICAL
Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access of resources or functionality that could possibly lead to execute arbitrary code.
CVE-2023-32450 1 Dell 1 Power Manager 2023-12-10 N/A 7.8 HIGH
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access.
CVE-2023-43079 1 Dell 1 Emc Openmanage Server Administrator 2023-12-10 N/A 7.8 HIGH
Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise.
CVE-2023-32492 1 Dell 1 Powerscale Onefs 2023-12-10 N/A 7.1 HIGH
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.
CVE-2023-32468 1 Dell 1 Ecs Streamer 2023-12-10 N/A 4.9 MEDIUM
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data.
CVE-2023-28072 1 Dell 1 Alienware Command Center 2023-12-10 N/A 7.8 HIGH
Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.
CVE-2023-32494 1 Dell 1 Powerscale Onefs 2023-12-10 N/A 6.7 MEDIUM
Dell PowerScale OneFS, 8.0.x-9.5.x, contains an improper handling of insufficient privileges vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to elevation of privilege and affect in compliance mode also.
CVE-2023-39250 1 Dell 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin 2023-12-10 N/A 5.5 MEDIUM
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.