CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34453
https://notcve.org/view.php?id=CVE-2022-34453
Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default. • https://www.dell.com/support/kbdoc/en-us/000204809/dsa-2022-290-dell-xtremio-x2-security-advisory-for-xms-gui?lang=en • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32450
https://notcve.org/view.php?id=CVE-2023-32450
Dell Power Manager, Versions 3.3 to 3.14 contains an Improper Access Control vulnerability. A low-privileged malicious user may potentially exploit this vulnerability to perform arbitrary code execution with limited access. Dell Power Manager en versiones de la 3.3 hasta la 3.14 contiene una vulnerabilidad de control de acceso inadecuado. Un usuario malintencionado con pocos privilegios podría aprovechar esta vulnerabilidad para ejecutar código arbitrario con acceso limitado. • https://www.dell.com/support/kbdoc/en-us/000215215/dsa-2023-181-dell-power-manager-security-update-for-an-improper-access-control-vulnerability • CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32468
https://notcve.org/view.php?id=CVE-2023-32468
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data. • https://www.dell.com/support/kbdoc/en-us/000215903/dsa-2023-254-security-update-for-dell-ecs-streamer-sensitive-data-exposure-vulnerability • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32478
https://notcve.org/view.php?id=CVE-2023-32478
Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. A high privileged malicious user could potentially exploit this vulnerability, leading to sensitive information disclosure. • https://www.dell.com/support/kbdoc/en-us/000215171/dsa-2023-173-dell-powerstore-family-security-update-for-multiple-vulnerabilities • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32476
https://notcve.org/view.php?id=CVE-2023-32476
Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files. • https://www.dell.com/support/kbdoc/en-us/000215862/dsa-2023-258-dell • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •