cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-37143,https://securityvulnerability.io/vulnerability/CVE-2024-37143,Dell PowerFlex Appliance Vulnerable to Improper Link Resolution Before File Access,"The identified vulnerability involves improper link resolution prior to file access in various Dell products, including Dell PowerFlex, InsightIQ, and Data Lakehouse. This flaw allows an unauthenticated attacker with remote access to potentially exploit the system, enabling them to execute arbitrary code. Affected versions of the products include several iterations of the PowerFlex appliance and rack, PowerFlex Manager, InsightIQ and Data Lakehouse, highlighting the significance of timely updates to mitigate potential risks associated with this vulnerability.",Dell,"Dell Powerflex Appliance,Dell Powerflex Rack,Dell Powerflex Custom Node,Dell Insightiq,Dell Data Lakehouse",10,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T02:25:33.225Z,0
CVE-2024-37144,https://securityvulnerability.io/vulnerability/CVE-2024-37144,Dell PowerFlex Appliance and Rack Versions vulnerable to Information Disclosure,"The vulnerability in Dell PowerFlex appliances, including certain rack versions and related software products, arises from insecure storage of sensitive information. A privileged attacker with local access could exploit this weakness, potentially leading to unauthorized information disclosure. This exposure might enable the attacker to gain access to critical components within the cluster, which raises serious security concerns. Organizations utilizing affected versions are advised to upgrade to the latest releases to mitigate risks associated with this vulnerability.",Dell,"Dell Powerflex Appliance,Dell Powerflex Rack,Dell Powerflex Custom Node,Dell Insightiq,Dell Data Lakehouse",8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-10T02:11:13.298Z,0
CVE-2024-39582,https://securityvulnerability.io/vulnerability/CVE-2024-39582,Use of Hardcoded Credentials Vulnerability in Dell PowerScale InsightIQ,"The Dell PowerScale InsightIQ version 5.0 is affected by a vulnerability that involves the use of hardcoded credentials. This flaw potentially allows a high-privileged attacker with local access to exploit the system, resulting in unauthorized information disclosure. It is crucial for users of this product to be aware of the risk and to take necessary precautions to mitigate potential threats. For further information and updates, refer to Dell's security advisory.",Dell,Powerscale Insightiq,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-10T09:04:50.035Z,0
CVE-2024-39574,https://securityvulnerability.io/vulnerability/CVE-2024-39574,Improper Privilege Management Vulnerability in Dell PowerScale InsightIQ,"Dell PowerScale InsightIQ version 5.1 contains an Improper Privilege Management vulnerability that can be exploited by an attacker with high privileges and local access. This vulnerability could potentially be used to disrupt service operations by executing a Denial of Service attack, impacting the availability of the affected system.",Dell,Powerscale Insightiq,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-10T09:01:23.300Z,0
CVE-2024-39580,https://securityvulnerability.io/vulnerability/CVE-2024-39580,PowerScale InsightIQ v5.0-5.1 vulnerable to Improper Access Control,"Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.",Dell,Powerscale Insightiq,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-10T08:54:54.258Z,0
CVE-2024-39581,https://securityvulnerability.io/vulnerability/CVE-2024-39581,Unauthenticated Remote Access Vulnerability in Dell PowerScale InsightIQ Could Allow Exfiltration of Arbitrary Files,"Dell PowerScale InsightIQ, specifically versions 5.0 through 5.1, is exposed to a vulnerability that allows unauthenticated attackers to gain unauthorized access to files and directories. This flaw can lead to the potential reading, modification, and deletion of arbitrary files stored within the system. If exploited, it poses significant risks to data integrity and confidentiality, making it imperative for users to implement security updates and patches as soon as they are available. For further information, refer to Dell's advisory on the security update.",Dell,Powerscale Insightiq,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-09-10T08:49:57.279Z,0
CVE-2024-39583,https://securityvulnerability.io/vulnerability/CVE-2024-39583,Risky Cryptographic Algorithm Vulnerability in Dell PowerScale InsightIQ,"The vulnerability in Dell PowerScale InsightIQ affects versions 5.0 and 5.1 and relates to the use of a broken or risky cryptographic algorithm. This flaw allows an unauthenticated attacker with remote access to the system to exploit the vulnerability, potentially leading to an elevation of privileges and compromising system integrity. It is critical for users of impacted versions to apply necessary security updates and mitigate associated risks.",Dell,Powerscale Insightiq,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-09-10T08:45:15.530Z,0
CVE-2024-28972,https://securityvulnerability.io/vulnerability/CVE-2024-28972,Dell InsightIQ Versions 5.0.0 Vulnerable to Broken Cryptographic Algorithm,"Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure.",Dell,Insightiq,5.9,MEDIUM,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-08-01T07:55:35.491Z,0
CVE-2024-25962,https://securityvulnerability.io/vulnerability/CVE-2024-25962,Unauthorized Access to Monitoring Data via Improper Access Control Vulnerability,"Dell InsightIQ, specifically version 5.0, is exposed to an improper access control vulnerability that may be exploited by low privileged remote attackers. Successful exploitation of this flaw could enable unauthorized access to sensitive monitoring data. It is essential for users of Dell InsightIQ to be aware of this vulnerability and to implement necessary security measures to safeguard their data from potential threats.",Dell,Insightiq,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-03-27T10:37:43.037Z,0
CVE-2021-36298,https://securityvulnerability.io/vulnerability/CVE-2021-36298,Risky Cryptographic Algorithms in Dell EMC InsightIQ SSH Component,"Dell EMC InsightIQ versions before 4.1.4 are exposed to a vulnerability related to insecure cryptographic algorithms within the SSH component. This flaw allows remote unauthenticated attackers to potentially bypass authentication mechanisms, leading to unauthorized access and control over the InsightIQ system. It is crucial for users to upgrade to the latest version to mitigate risks and secure their environments against possible exploitation.",Dell,Isilon Insightiq,8.1,HIGH,0.006260000169277191,false,,false,false,false,,,false,false,,2021-10-01T21:15:00.000Z,0