CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25940
https://notcve.org/view.php?id=CVE-2023-25940
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees. • https://www.dell.com/support/kbdoc/en-us/000211539/dell-emc-powerscale-onefs-security • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21548
https://notcve.org/view.php?id=CVE-2021-21548
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit. • https://www.dell.com/support/kbdoc/en-uk/000189606/dsa-2021-134-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-dell-emc-solutions-enabler-virtual-appliance-and-dell-emc-powermax-embedded-management-security-update-for-multiple-third-party-component-vulnerabilities • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34423
https://notcve.org/view.php?id=CVE-2022-34423
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34422
https://notcve.org/view.php?id=CVE-2022-34422
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 160EXPL: 0CVE-2022-34421
https://notcve.org/view.php?id=CVE-2022-34421
Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. • https://www.dell.com/support/kbdoc/en-us/000206296/dsa-2022-204-dell-poweredge-improper-smm-communication-buffer-verification-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •