cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-32485,https://securityvulnerability.io/vulnerability/CVE-2023-32485,Improper Input Validation in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software versions 1.3 and earlier are vulnerable to improper input validation, which can be exploited by remote unauthenticated attackers. This vulnerability potentially allows attackers to escalate their privileges, gaining access to administrative-level controls. Dell advises affected users to upgrade their software to the latest version to mitigate the risks associated with this vulnerability.",Dell,Dell Smartfabric Storage Software,9.8,CRITICAL,0.003000000026077032,false,,false,false,false,,,false,false,,2023-10-05T19:15:00.000Z,0
CVE-2023-43069,https://securityvulnerability.io/vulnerability/CVE-2023-43069,OS Command Injection Vulnerability in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software versions up to v1.4 are exposed to an OS Command Injection vulnerability within the Command Line Interface (CLI). This flaw permits an authenticated local attacker to inject arbitrary parameters into commands such as curl or docker, potentially compromising system integrity and allowing unauthorized system interactions. Prompt action is recommended to mitigate potential attacks.",Dell,Dell Smartfabric Storage Software,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0
CVE-2023-4401,https://securityvulnerability.io/vulnerability/CVE-2023-4401,OS Command Injection Vulnerability in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software versions 1.4 and earlier are affected by an OS command injection vulnerability in the command-line interface (CLI) usage of the 'more' command. An authenticated attacker—either local or remote—may leverage this vulnerability to execute arbitrary commands on the underlying operating system, potentially gaining root privileges and compromising the integrity and security of the affected system. It's crucial for users to apply security updates to mitigate this risk and protect their data.",Dell,Dell Smartfabric Storage Software,7.8,HIGH,0.0014199999859556556,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0
CVE-2023-43072,https://securityvulnerability.io/vulnerability/CVE-2023-43072,Improper Access Control in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software versions up to v1.4 are affected by an improper access control vulnerability in the command line interface (CLI). This flaw could allow a local, potentially unauthenticated attacker to exploit the system, granting them the ability to execute arbitrary shell commands. Organizations using affected versions are advised to apply security updates to mitigate the risks associated with this vulnerability. For detailed information and remediation guidance, refer to Dell's security advisory.",Dell,Dell Smartfabric Storage Software,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0
CVE-2023-43073,https://securityvulnerability.io/vulnerability/CVE-2023-43073,Improper Input Validation in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software v1.4 and earlier versions have an improper input validation vulnerability in the RADIUS configuration. This security flaw could allow an authenticated remote attacker to exploit the system, potentially leading to unauthorized access to sensitive data. Organizations utilizing these products are advised to review their configurations and apply necessary updates to safeguard against potential attacks.",Dell,Dell Smartfabric Storage Software,4.3,MEDIUM,0.0011599999852478504,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0
CVE-2023-43071,https://securityvulnerability.io/vulnerability/CVE-2023-43071,HTML Injection and XSS Vulnerabilities in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software versions prior to v1.4 are susceptible to vulnerabilities that allow for HTML injection and formula injection through CSV files. This could lead to potential cross-site scripting (XSS) attacks via the software's graphical user interface (GUI). A remote authenticated attacker may leverage these vulnerabilities to execute various forms of injection attacks, impacting the security and privacy of the affected systems.",Dell,Dell Smartfabric Storage Software,4.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0
CVE-2023-43068,https://securityvulnerability.io/vulnerability/CVE-2023-43068,OS Command Injection in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software versions prior to v1.4 are susceptible to an OS Command Injection vulnerability within its restricted shell through SSH. An authenticated remote attacker may exploit this issue to execute arbitrary commands, potentially compromising system integrity and data security. Organizations using affected versions should apply the security updates provided by Dell to mitigate the risk.",Dell,Dell Smartfabric Storage Software,7.8,HIGH,0.001129999989643693,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0
CVE-2023-43070,https://securityvulnerability.io/vulnerability/CVE-2023-43070,Path Traversal Vulnerability in Dell SmartFabric Storage Software,"Dell SmartFabric Storage Software v1.4 and earlier versions have a path traversal vulnerability in its HTTP interface. This allows a remote authenticated attacker to exploit the flaw and potentially write arbitrary files to unauthorized locations within the license container, posing risks to the integrity of the system and its data.",Dell,Dell Smartfabric Storage Software,6.3,MEDIUM,0.0008800000068731606,false,,false,false,false,,,false,false,,2023-10-05T18:15:00.000Z,0