CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48671
https://notcve.org/view.php?id=CVE-2023-48671
14 Dec 2023 — Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability leading to obtain sensitive information that may aid in further attacks. Dell vApp Manager, las versiones anteriores a la 9.2.4.x contienen una vulnerabilidad de divulgación de información. Un atacante remoto podría explotar esta vulnerabilidad y obtener información confidencial que podría ayudar en futuros ataques. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48665
https://notcve.org/view.php?id=CVE-2023-48665
14 Dec 2023 — Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema opera... • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48664
https://notcve.org/view.php?id=CVE-2023-48664
14 Dec 2023 — Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema opera... • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48663
https://notcve.org/view.php?id=CVE-2023-48663
14 Dec 2023 — Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema opera... • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48662
https://notcve.org/view.php?id=CVE-2023-48662
14 Dec 2023 — Dell vApp Manager, versions prior to 9.2.4.x contain a command injection vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability leading to the execution of arbitrary OS commands on the affected system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de inyección de comandos. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad y llevar a la ejecución de comandos arbitrarios del sistema opera... • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48661
https://notcve.org/view.php?id=CVE-2023-48661
14 Dec 2023 — Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote malicious user with high privileges could potentially exploit this vulnerability to read arbitrary files from the target system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de lectura de archivos arbitraria. Un usuario malicioso remoto con altos privilegios podría explotar esta vulnerabilidad para leer archivos arbitrarios del sistema de destino. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-48660
https://notcve.org/view.php?id=CVE-2023-48660
14 Dec 2023 — Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system. Dell vApp Manager, las versiones anteriores a 9.2.4.x contienen una vulnerabilidad de lectura de archivos arbitraria. Un atacante remoto podría explotar esta vulnerabilidad para leer archivos arbitrarios del sistema de destino. • https://www.dell.com/support/kbdoc/en-us/000220427/dsa-2023-443-dell-powermaxos-5978-dell-unisphere-360-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-solutions-enabler-virtual-appliance-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 0CVE-2022-34397
https://notcve.org/view.php?id=CVE-2022-34397
13 Feb 2023 — Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized. • https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities • CWE-863: Incorrect Authorization •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-45104
https://notcve.org/view.php?id=CVE-2022-45104
10 Feb 2023 — Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system. • https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-31233
https://notcve.org/view.php?id=CVE-2022-31233
31 Aug 2022 — Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. Unisphere for PowerMax versiones anteriores a 9.2.3.15, contienen una vulnerabilidad de escalada de privilegios. Un usuario malicioso adyacente puede explotar potencialmente esta vulnerabilidad para escalar sus privilegios y acceder a funcionalidades a las que no ... • https://www.dell.com/support/kbdoc/000200975 • CWE-602: Client-Side Enforcement of Server-Side Security CWE-669: Incorrect Resource Transfer Between Spheres •