CVE-2022-22564
https://notcve.org/view.php?id=CVE-2022-22564
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. • https://www.dell.com/support/kbdoc/en-us/000199050/dsa-2022-021-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2022-34397
https://notcve.org/view.php?id=CVE-2022-34397
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized. • https://www.dell.com/support/kbdoc/en-us/000207177/dsa-2022-340-dell-unisphere-for-powermax-dell-unisphere-for-powermax-vapp-dell-solutions-enabler-vapp-dell-unisphere-360-dell-vasa-provider-vapp-and-dell-powermax-emb-mgmt-security-update-for-multiple-vulnerabilities • CWE-863: Incorrect Authorization •
CVE-2023-23697
https://notcve.org/view.php?id=CVE-2023-23697
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. • https://www.dell.com/support/kbdoc/en-us/000207929/dsa-2023-030 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVE-2023-24572
https://notcve.org/view.php?id=CVE-2023-24572
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion. • https://www.dell.com/support/kbdoc/en-us/000207931/dsa-2023-032 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-1386: Insecure Operation on Windows Junction / Mount Point •
CVE-2022-46754
https://notcve.org/view.php?id=CVE-2022-46754
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. • https://www.dell.com/support/kbdoc/en-us/000206134/dsa-2022-329-dell-wyse-management-suite-security-update-for-multiple-vulnerabilities • CWE-284: Improper Access Control •