cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-22576,https://securityvulnerability.io/vulnerability/CVE-2023-22576,Local Privilege Escalation Vulnerability in Dell Repository Manager Could Lead toOS Execution,"The local privilege escalation vulnerability in Dell Repository Manager, particularly present in version 3.4.2 and earlier, allows a low privileged attacker to exploit improper privilege management within the installation module. This exploitation could lead to the execution of arbitrary executables on the operating system with elevated privileges. Such unauthorized access may result in the potential disruption of service availability and compromise system integrity. It is crucial for users of affected versions to apply the necessary security updates to safeguard against this vulnerability.",Dell,Dell Repository Manager (drm),7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-21T09:44:37.806Z,0
CVE-2024-28977,https://securityvulnerability.io/vulnerability/CVE-2024-28977,Dell Repository Manager Vulnerability Allows Path Traversal Attacks,"Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal vulnerability in logger module. A local attacker with low privileges could potentially exploit this vulnerability to gain unauthorized read access to the files stored on the server filesystem with the privileges of the running web application.",Dell,Dell Repository Manager (drm),5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-04-24T08:08:35.366Z,0
CVE-2024-28976,https://securityvulnerability.io/vulnerability/CVE-2024-28976,Dell Repository Manager Vulnerability Allows Unauthorized File Access,"Dell Repository Manager, prior to version 3.4.5, is susceptible to a path traversal vulnerability in its API module. A local attacker with limited privileges can exploit this weakness to gain unauthorized write access to server files, leveraging the permissions of the running web application. This vulnerability poses substantial risks to the confidentiality and integrity of data stored on the server filesystem.",Dell,Dell Repository Manager (drm),7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-04-24T08:01:53.090Z,0
CVE-2023-44282,https://securityvulnerability.io/vulnerability/CVE-2023-44282,Improper Access Control in Dell Repository Manager Installation Module,"Dell Repository Manager prior to version 3.4.4 contains an Improper Access Control vulnerability. This flaw, located in the installation module, allows a local low-privileged attacker to potentially exploit the system to gain escalated privileges. Such vulnerabilities can lead to unauthorized access to sensitive information and control over critical system functions, emphasizing the need for timely updates and robust security measures.",Dell,Dell Repository Manager (drm),6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-16T10:15:00.000Z,0
CVE-2023-44292,https://securityvulnerability.io/vulnerability/CVE-2023-44292,Improper Access Control Vulnerability in Dell Repository Manager,"Dell Repository Manager versions 3.4.3 and earlier are susceptible to an improper access control vulnerability within its installation module. This flaw allows a local attacker with low privileges the potential to exploit the system, which could lead to unauthorized privilege escalation. Users are advised to review and update their systems in accordance with Dell's security guidance to mitigate potential risks.",Dell,Dell Repository Manager (drm),6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-16T10:15:00.000Z,0
CVE-2022-26856,https://securityvulnerability.io/vulnerability/CVE-2022-26856,Plain-Text Password Storage Vulnerability in Dell EMC Repository Manager,"A vulnerability exists in Dell EMC Repository Manager version 3.4.0, which allows local attackers to access stored passwords in plain text. This weakness may enable an attacker to reveal user credentials, leading to potential unauthorized access to the application’s database with the permissions of the affected account. It is crucial for users to be aware of this security issue and implement recommended mitigation strategies to safeguard their sensitive information.",Dell,Dell Repository Manager (drm),8.2,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-04-21T21:15:00.000Z,0
CVE-2020-5315,https://securityvulnerability.io/vulnerability/CVE-2020-5315,,Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability. Proxy server user password is stored in a plain text in a local database. A local authenticated malicious user with access to the local file system may use the exposed password to access the with privileges of the compromised user.,Dell,Dell Emc Repository Manager (drm),8.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0