CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4129
https://notcve.org/view.php?id=CVE-2023-4129
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength Vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, allowing an attacker to recover plaintext from a block of ciphertext. Dell Data Protection Central, versión 19.9, contiene una vulnerabilidad de Inadequate Encryption Strength. Un atacante de red no autenticado podría explotar esta vulnerabilidad, permitiéndole recuperar texto sin cifrar de un bloque de texto cifrado. • https://www.dell.com/support/kbdoc/en-us/000218045/dsa-2023-346-security-update-for-dell-data-protection-central • CWE-326: Inadequate Encryption Strength •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-45102
https://notcve.org/view.php?id=CVE-2022-45102
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections. • https://www.dell.com/support/kbdoc/en-us/000206329/dsa-2022-348-dell-emc-data-protection-central-security-update-for-proprietary-code-vulnerability • CWE-116: Improper Encoding or Escaping of Output CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34367
https://notcve.org/view.php?id=CVE-2022-34367
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability. A(n) remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations. Dell EMC Data Protection Central versiones 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contienen una vulnerabilidad de tipo Cross-Site Request Forgery Vulnerability. Un(os) atacante(s) remoto(s) no autenticado(s) podría(n) explotar esta vulnerabilidad, conllevando a un procesamiento de operaciones de servidor no intencionadas • https://www.dell.com/support/kbdoc/en-us/000201505/dsa-2022-192-dell-emc-data-protection-central-security-update-for-multiple-vulnerabilities • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43588
https://notcve.org/view.php?id=CVE-2021-43588
Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. Dell EMC Data Protection Central versión 19.5, contiene una vulnerabilidad de comprobación de entrada inapropiada. Un atacante remoto no autenticado podría explotar esta vulnerabilidad, conllevando a una denegación de servicio • https://www.dell.com/support/kbdoc/000195103 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36349
https://notcve.org/view.php?id=CVE-2021-36349
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery vulnerability in the DPC DNS client processing. A remote malicious user could potentially exploit this vulnerability, allowing port scanning of external hosts. Dell EMC Data Protection Central versiones 19.5 y anteriores, contienen una vulnerabilidad de tipo Server Side Request Forgery en el procesamiento del cliente DPC DNS. Un usuario remoto malicioso podría explotar esta vulnerabilidad, permitiendo el escaneo de puertos de hosts externos • https://www.dell.com/support/kbdoc/000195103 • CWE-918: Server-Side Request Forgery (SSRF) •