Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

dell emc unityvsa vulnerabilities and exploits

(subscribe to this query)
4
CVSSv2
CVE-2018-1250
Dell EMC Unity and UnityVSA versions before 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by directly interacting with certain APIs of Unity OE, bypassing Role-...
Dell Emc Unity FirmwareDell Emc Unityvsa
5.8
CVSSv2
CVE-2018-1251
Dell EMC Unity and UnityVSA versions before 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web URLs by tricking the victim user to click on a maliciousl...
Dell Emc Unity FirmwareDell Emc Unityvsa
4
CVSSv2
CVE-2019-3734
Dell EMC Unity and UnityVSA versions before 5.0.0.0.5.116 contain an improper authorization vulnerability in NAS Server quotas configuration. A remote authenticated Unisphere Operator could potentially exploit this vulnerability to edit quota configuration of other users.
Dell Emc Unity Operating EnvironmentDell Emc Unityvsa Operating Environment
4.6
CVSSv2
CVE-2018-11064
Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools t...
Dell Emc Unityvsa Operating EnvironmentDell Emc Unity Operating Environment
4.3
CVSSv2
CVE-2018-1246
Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflect...
Dell Emc Unityvsa Operating EnvironmentDell Emc Unity Operating Environment
2.1
CVSSv2
CVE-2019-3741
Dell EMC Unity and UnityVSA versions before 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s (including the admin privilege user) password is stored in a plain text in Unity Data Collection bundle (logs files for troubleshooting). A loca...
Dell Emc Unityvsa Operating EnvironmentDell Emc Unity Operating Environment
9
CVSSv2
CVE-2018-1239
Dell EMC Unity Operating Environment (OE) versions before 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system wh...
Dell Emc Unity Operating EnvironmentDell Emc Unityvsa Operating Environment
4.3
CVSSv2
CVE-2019-3754
Dell EMC Unity Operating Environment versions before 5.0.0.0.5.116, Dell EMC UnityVSA versions before 5.0.0.0.5.116 and Dell EMC VNXe3200 versions before 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. A remote unauthenticated attacke...
Dell Emc Unityvsa Operating EnvironmentDell Emc Unity Operating EnvironmentDell Emc Vnxe3200 Firmware
7.2
CVSSv2
CVE-2021-43589
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions before 5.1.2.0.5.007 contain an operating system (OS) command injection Vulnerability. A locally authenticated user with high privileges may potentially exploit this vulnerability, leading to the execution of arbitr...
Dell Emc Unity Operating EnvironmentDell Emc Unity Xt Operating EnvironmentDell Emc Unityvsa Operating Environment
NA
CVE-2022-22564
Dell EMC Unity versions prior to 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
Dell Emc Unity Operating EnvironmentDell Emc Unity Xt Operating EnvironmentDell Emc Unityvsa Operating Environment
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook