cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-21548,https://securityvulnerability.io/vulnerability/CVE-2021-21548,Improper Certificate Validation in Dell EMC Unisphere for PowerMax and PowerMax OS,"Dell EMC Unisphere for PowerMax and its Virtual Appliance, along with PowerMax OS, are susceptible to an improper certificate validation issue. This vulnerability enables unauthenticated remote attackers to exploit the system by executing man-in-the-middle attacks. By supplying a specially crafted certificate, an attacker could intercept and manipulate network traffic, potentially leading to unauthorized data access or modification during transmission.",Dell,"Unisphere For Powermax, Dell Emc Unisphere For Powermax Virtual Appliance ,  Powermax Os",7.4,HIGH,0.0013699999544769526,false,,false,false,false,,,false,false,,2023-03-17T05:07:42.867Z,0
CVE-2018-1183,https://securityvulnerability.io/vulnerability/CVE-2018-1183,,"In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4.0.347, Dell EMC VNX2 Operating Environment (OE) for File versions prior to 8.1.9.231, Dell EMC VNX2 Operating Environment (OE) for Block versions prior to 05.33.009.5.231, Dell EMC VNX1 Operating Environment (OE) for File versions prior to 7.1.82.0, Dell EMC VNX1 Operating Environment (OE) for Block versions prior to 05.32.000.5.225, Dell EMC VNXe3200 Operating Environment (OE) all versions, Dell EMC VNXe1600 Operating Environment (OE) versions prior to 3.1.9.9570228, Dell EMC VNXe 3100/3150/3300 Operating Environment (OE) all versions, Dell EMC ViPR SRM versions 3.7, 3.7.1, 3.7.2 (only if using Dell EMC Host Interface for Windows), Dell EMC ViPR SRM versions 4.0, 4.0.1, 4.0.2, 4.0.3 (only if using Dell EMC Host Interface for Windows), Dell EMC XtremIO versions 4.x, Dell EMC VMAX eNAS version 8.x, Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968, ECOM is affected by a XXE injection vulnerability due to the configuration of the XML parser shipped with the product. XXE Injection attack may occur when XML input containing a reference to an external entity (defined by the attacker) is processed by an affected XML parser. XXE Injection may allow attackers to gain unauthorized access to files containing sensitive information or may be used to cause denial-of-service.",Dell,"Dell Emc Unisphere For Vmax Virtual Appliance, Dell Emc Solutions Enabler Virtual Appliance, Dell Emc Vasa Provider Virtual Appliance, Dell Emc Smis, Dell Emc Vmax Embedded Management (emanagement), Dell Emc Vnx2 Operating Environment (oe) For File, Dell Emc Vnx2 Operating Environment (oe) For Block, Dell Emc Vnx1 Operating Environment (oe) For File, Dell Emc Vnx1 Operating Environment (oe) For Block, Dell Emc Vnxe3200 Operating Environment (oe), Dell Emc Vnxe1600 Operating Environment (oe), Dell Emc Vnxe 3100/3150/3300 Operating Environment (oe), Dell Emc Vipr Srm, Dell Emc Vipr Srm, Dell Emc Xtremio, Dell Emc Vmax Enas, Dell Emc Unity Operating Environment (oe)",9.8,CRITICAL,0.002460000105202198,false,,false,false,false,,,false,false,,2018-04-30T20:29:00.000Z,0
CVE-2018-1215,https://securityvulnerability.io/vulnerability/CVE-2018-1215,,"An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account to exploit this vulnerability.",Dell,"Vapp Manager Which Is Embedded In Dell Emc Unisphere For Vmax, Dell Emc Solutions Enabler, Dell Emc Vasa Virtual Appliances, And Dell Emc Vmax Embedded Management (emanagement)",8.8,HIGH,0.0041600000113248825,false,,false,false,false,,,false,false,,2018-03-08T15:00:00.000Z,0
CVE-2018-1216,https://securityvulnerability.io/vulnerability/CVE-2018-1216,,"A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). They contain an undocumented default account (smc) with a hard-coded password that may be used with certain web servlets. A remote attacker with the knowledge of the hard-coded password and the message format may use vulnerable servlets to gain unauthorized access to the system. Note: This account cannot be used to log in via the web user interface.",Dell,"Vapp Manager Which Is Embedded In Dell Emc Unisphere For Vmax, Dell Emc Solutions Enabler, Dell Emc Vasa Virtual Appliances, And Dell Emc Vmax Embedded Management (emanagement)",9.8,CRITICAL,0.011760000139474869,false,,false,false,false,,,false,false,,2018-03-08T15:00:00.000Z,0
CVE-2016-0889,https://securityvulnerability.io/vulnerability/CVE-2016-0889,,An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname.,Dell,Emc Unisphere,9.8,CRITICAL,0.004459999967366457,false,,false,false,false,,,false,false,,2016-04-15T14:00:00.000Z,0
CVE-2013-3287,https://securityvulnerability.io/vulnerability/CVE-2013-3287,,"EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP configurations, allows local users to discover the cleartext LDAP bind password by reading the console.",Dell,Emc Unisphere,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2013-11-02T19:55:00.000Z,0