CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2024-25946
https://notcve.org/view.php?id=CVE-2024-25946
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity. Dell vApp Manager, las versiones anteriores a la 9.2.4.9 contienen una vulnerabilidad de inyección de comandos. Un atacante autorizado podría explotar esta vulnerabilidad y llevar a la ejecución de un comando insertado. • https://www.dell.com/support/kbdoc/en-us/000223609/dsa-2024-108-dell-powermaxos-5978-dell-powermax-os-10-0-1-5-dell-powermax-os-10-1-0-2-dell-unisphere-360-unisphere-powermax-unisphere-powermax-vapp-dell-solutions-enabler-vapp-and-dell-powermax-eem-security-update-for-multiple-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25971
https://notcve.org/view.php?id=CVE-2024-25971
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service. Dell PowerProtect Data Manager, versión 19.15, contiene una vulnerabilidad de inyección de entidad externa XML. Un atacante remoto con privilegios elevados podría explotar esta vulnerabilidad, lo que provocaría la divulgación de información y la denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000223556/dsa-2024-132-security-update-dell-power-protect-data-manager-for-multiple-security-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-25954
https://notcve.org/view.php?id=CVE-2024-25954
Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. Dell PowerScale OneFS, versiones 9.5.0.x a 9.7.0.x, contienen una vulnerabilidad de caducidad de sesión insuficiente. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-613: Insufficient Session Expiration •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25963
https://notcve.org/view.php?id=CVE-2024-25963
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. Dell PowerScale OneFS, versiones 8.2.2.x a 9.5.0.x contiene el uso de una vulnerabilidad de algoritmo criptográfico roto. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y provocar la divulgación de información. • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-25953
https://notcve.org/view.php?id=CVE-2024-25953
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. Dell PowerScale OneFS versiones 9.4.0.x a 9.7.0.x contiene un enlace simbólico UNIX (enlace simbólico) después de la vulnerabilidad. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad, lo que provocaría denegación de servicio y manipulación de información. • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-61: UNIX Symbolic Link (Symlink) Following •