cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-51540,https://securityvulnerability.io/vulnerability/CVE-2024-51540,Arithmetic Overflow Vulnerability in Dell ECS Products,"An arithmetic overflow vulnerability has been identified in Dell ECS that affects versions prior to 3.8.1.3. This vulnerability arises from improper handling of retention periods, enabling authenticated users with bucket or object-level access, along with the necessary privileges, to potentially exploit this flaw. As a result, they could bypass established retention policies and delete objects within the system, posing a significant risk to data integrity and security.",Dell,Ecs,6.5,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-12-26T15:53:49.735Z,0
CVE-2024-52534,https://securityvulnerability.io/vulnerability/CVE-2024-52534,Authentication Bypass Vulnerability in Dell ECS,"Dell ECS is affected by an authentication bypass vulnerability that allows low-privileged attackers with remote access to exploit session information through a capture-replay mechanism. This could potentially lead to unauthorized access to user sessions, raising significant security concerns for organizations utilizing this storage solution. It is crucial for users of Dell ECS to apply the latest updates and patches to mitigate the risks associated with this vulnerability.",Dell,Ecs,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-12-25T16:04:17.253Z,0
CVE-2024-30473,https://securityvulnerability.io/vulnerability/CVE-2024-30473,Dell ECS Privilege Elevation Vulnerability,"Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized end points.",Dell,Ecs,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-18T15:39:10.211Z,0
CVE-2024-22459,https://securityvulnerability.io/vulnerability/CVE-2024-22459,Unauthorized Access to All Buckets and Data within a Namespace Due to Improper Access Control Vulnerability,"Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to all buckets and their data within a namespace",Dell,Ecs,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-28T08:22:43.778Z,0
CVE-2023-32468,https://securityvulnerability.io/vulnerability/CVE-2023-32468,Sensitive Data Exposure in Dell ECS Streamer Products,"The Dell ECS Streamer prior to version 2.0.7.1 has a vulnerability that allows remote, high-privileged users to gain unauthorized access to sensitive information included in log files. This issue can lead to potential exposure of critical data, posing significant risks to data confidentiality and privacy.",Dell,Ecs Streamer,5.8,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-07-26T08:15:00.000Z,0
CVE-2023-25934,https://securityvulnerability.io/vulnerability/CVE-2023-25934,Improper Verification of Cryptographic Signature in Dell ECS,"Dell ECS versions prior to 3.8.0.2 are affected by a vulnerability that allows an attacker on the network to intercept requests. This improper verification of cryptographic signatures can let the attacker modify the body data of these requests, potentially leading to unauthorized access or manipulation of data. Organizations using affected versions are advised to update to the latest release to mitigate this security risk.",Dell,Ecs,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2023-05-04T07:15:00.000Z,0
CVE-2018-11052,https://securityvulnerability.io/vulnerability/CVE-2018-11052,Dell EMC ECS S3 Authentication Bypass Vulnerability,Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests.,Dell,Ecs,9.8,CRITICAL,0.005239999853074551,false,,false,false,false,,,false,false,,2018-07-03T17:29:00.000Z,0