NotCVE - vendor:"Emc" product:"Appsync" version:" >= 4.4.0.0 <= 4.6.0.0"

4 results (0.003 seconds)

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-32744

https://notcve.org/view.php?id=CVE-2025-32744

21 Jul 2025 — Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. • https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-36603

https://notcve.org/view.php?id=CVE-2025-36603

21 Jul 2025 — Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. • https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-39586

https://notcve.org/view.php?id=CVE-2024-39586

09 Oct 2024 — Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000234216/dsa-2024-420-security-update-for-dell-emc-appsync-for-multiple-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-32458

https://notcve.org/view.php?id=CVE-2023-32458

27 Sep 2023 — Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could potentially exploit this vulnerability during installation leading to a privilege escalation. Dell AppSync, versiones 4.4.0.0 a 4.6.0.0, incluidas las versiones de Service Pack, contiene una vulnerabilidad de control de acceso inadecuado en el componente Embedded Service Enabler. Un usuario malintencionado local podrí... • https://www.dell.com/support/kbdoc/en-us/000218038/dsa-2023-331-dell-emc-appsync-security-update-for-dell-embedded-service-enabler-vulnerability • CWE-284: Improper Access Control •