cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-37137,https://securityvulnerability.io/vulnerability/CVE-2024-37137,Dell Key Trust Platform vulnerable to Privileged Information Disclosure,"Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure.",Dell,ClouD-Link,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-28T01:33:42.186Z,0
CVE-2023-28076,https://securityvulnerability.io/vulnerability/CVE-2023-28076,Cryptographic Algorithm Vulnerability in CloudLink by Dell,"CloudLink versions 7.1.2 and earlier are affected by a vulnerability associated with a broken or risky cryptographic algorithm. An unauthenticated remote attacker could exploit this vulnerability, potentially resulting in unauthorized information disclosure. It is essential for users to update to the latest version to mitigate the associated risks.",Dell,ClouD-Link,5.9,MEDIUM,0.0015399999683722854,false,,false,false,false,,,false,false,,2023-05-16T16:15:00.000Z,0
CVE-2022-34380,https://securityvulnerability.io/vulnerability/CVE-2022-34380,Authentication Bypass Vulnerability in Dell CloudLink,"Dell CloudLink versions 7.1.3 and earlier are susceptible to an authentication bypass vulnerability that allows a local attacker with high privileges to gain unauthorized access to the CloudLink system console. This vulnerability can be exploited through alternate paths or channels, compromising the integrity of the CloudLink system.",Dell,ClouD-Link,9.3,CRITICAL,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-09-01T19:15:00.000Z,0
CVE-2022-34379,https://securityvulnerability.io/vulnerability/CVE-2022-34379,Authentication Bypass Vulnerability in Dell EMC CloudLink,"Dell EMC CloudLink versions 7.1.2 and earlier are affected by an authentication bypass vulnerability. This flaw allows a remote attacker who has knowledge of active directory usernames to exploit the system, potentially leading to unauthorized access. Ensuring your systems are updated to the latest version is crucial to mitigate this risk and protect sensitive data from possible breaches.",Dell,ClouD-Link,9.4,CRITICAL,0.006320000160485506,false,,false,false,false,,,false,false,,2022-09-01T19:15:00.000Z,0
CVE-2022-24414,https://securityvulnerability.io/vulnerability/CVE-2022-24414,Exposed Auth Token in Dell EMC CloudLink Leading to Unauthorized Access,"Dell EMC CloudLink versions 7.1.3 and earlier are susceptible to a vulnerability where authentication tokens are exposed through GET request parameters. This exposure can lead to sensitive token information being logged in reverse proxies and server logs, making it possible for attackers to intercept these tokens. The presence of these tokens in the request URLs poses a significant security risk, as they may be utilized to gain unauthorized access to the CloudLink server. It is crucial for users of affected versions to implement secure practices and refrain from using tokens in request URLs to mitigate potential exploits.",Dell,ClouD-Link,7.6,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-05-26T16:15:00.000Z,0
CVE-2021-36334,https://securityvulnerability.io/vulnerability/CVE-2021-36334,Dell EMC CloudLink Vulnerability Leading to Code Execution Risk,"Dell EMC CloudLink versions 7.1 and earlier are susceptible to a CSV formula injection vulnerability. This issue allows remote attackers with high privileges to exploit the vulnerability, potentially leading to arbitrary code execution on the user’s machine. As a result, sensitive data could be manipulated or exposed, posing significant security risks to users and organizations utilizing these affected versions.",Dell,ClouD-Link,5.9,MEDIUM,0.0010499999625608325,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0
CVE-2021-36312,https://securityvulnerability.io/vulnerability/CVE-2021-36312,Hard-coded Password Vulnerability in Dell EMC CloudLink,"The vulnerability affects Dell EMC CloudLink 7.1 and earlier versions through hard-coded credentials. An attacker with knowledge of these credentials can gain unauthorized access, posing a significant security risk to the system. This vulnerability highlights the importance of secure credential management and the necessity for users to upgrade to a more secure version.",Dell,ClouD-Link,9.1,CRITICAL,0.0013599999947473407,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0
CVE-2021-36335,https://securityvulnerability.io/vulnerability/CVE-2021-36335,Improper Input Validation in Dell EMC CloudLink Products,"Dell EMC CloudLink, including version 7.1 and earlier, has a vulnerability stemming from improper input validation. This could allow remote attackers with low privileges to exploit the flaw, potentially leading to the execution of arbitrary files on the server. Organizations using these versions should consider implementing immediate patches to safeguard against potential exploitation.",Dell,ClouD-Link,4.3,MEDIUM,0.0026000000070780516,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0
CVE-2021-36313,https://securityvulnerability.io/vulnerability/CVE-2021-36313,OS Command Injection Vulnerability in Dell EMC CloudLink,"Dell EMC CloudLink versions 7.1 and earlier are affected by an OS command injection vulnerability that allows a remote attacker with high privileges to execute arbitrary OS commands on the underlying operating system. Successful exploitation can lead to a complete system compromise, as it allows attackers to take control of the application and the OS. Users are strongly advised to update to the latest version to mitigate this risk.",Dell,ClouD-Link,9.1,CRITICAL,0.0016400000313296914,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0
CVE-2021-36314,https://securityvulnerability.io/vulnerability/CVE-2021-36314,Arbitrary File Creation Vulnerability in Dell EMC CloudLink,"Dell EMC CloudLink versions 7.1 and earlier are susceptible to an arbitrary file creation vulnerability. This issue allows a remote unauthenticated attacker to exploit the system, potentially leading to the execution of arbitrary files on the user's system. The vulnerability poses serious risks as attackers can manipulate file creation processes to execute malicious code, thereby compromising system integrity and confidentiality.",Dell,ClouD-Link,7.1,HIGH,0.005830000154674053,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0
CVE-2021-36332,https://securityvulnerability.io/vulnerability/CVE-2021-36332,HTML and JavaScript Injection Vulnerability in Dell EMC CloudLink Products,"Dell EMC CloudLink versions 7.1 and earlier have a vulnerability that allows remote attackers with low privileges to inject malicious HTML and JavaScript code. This can lead to redirecting end users to arbitrary and potentially harmful websites, posing a significant risk to user data and security. Users of affected versions should implement necessary precautions and consider upgrading to mitigate exposure to this vulnerability.",Dell,ClouD-Link,5.4,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0
CVE-2021-36333,https://securityvulnerability.io/vulnerability/CVE-2021-36333,Buffer Overflow Vulnerability in Dell EMC CloudLink,"Dell EMC CloudLink versions 7.1 and earlier are susceptible to a buffer overflow vulnerability that allows low-privileged local attackers to exploit the weakness. Successful exploitation may lead to unexpected application crashes, compromising the stability and reliability of the CloudLink service.",Dell,ClouD-Link,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-11-23T20:15:00.000Z,0