cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-51532,https://securityvulnerability.io/vulnerability/CVE-2024-51532,Argument Injection Vulnerability in Dell PowerStore Affects Data Integrity,"CVE-2024-51532 is a vulnerability identified in the Dell PowerStore that stems from improper neutralization of argument delimiters in command processing, also known as Argument Injection. This issue allows a low privileged attacker with local access to exploit the vulnerability, potentially leading to unauthorized modification of arbitrary system files. Such an attack could compromise the integrity and availability of the affected PowerStore systems, making it critical for users to understand the implications and apply necessary security updates as stated in Dell's advisory.",Dell,Powerstore,7.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-19T01:40:17.525Z,0
CVE-2023-32478,https://securityvulnerability.io/vulnerability/CVE-2023-32478,Sensitive Information Disclosure Vulnerability in Dell PowerStore,"Dell PowerStore versions before 3.5.0.1 are susceptible to a vulnerability where sensitive information can be inadvertently logged. This flaw allows a malicious user with high privileges to potentially access confidential data through the logs, posing a risk to organizational security. It is essential for users to upgrade to the latest version to mitigate this risk and protect sensitive information.",Dell,Powerstore,9,CRITICAL,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-07-21T06:15:00.000Z,0
CVE-2023-32449,https://securityvulnerability.io/vulnerability/CVE-2023-32449,Improper Verification of Cryptographic Signature in Dell PowerStore,"Dell PowerStore versions prior to 3.5 are susceptible to a vulnerability that allows an attacker to exploit improper verification of cryptographic signatures. By tricking a high privileged user into installing a malicious binary, the attacker can effectively bypass established cryptographic checks. This poses a significant risk, as it can lead to unauthorized code execution and compromise system integrity.",Dell,Powerstore,7.2,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2023-06-22T07:15:00.000Z,0
CVE-2022-26870,https://securityvulnerability.io/vulnerability/CVE-2022-26870,Authentication Bypass Vulnerability in Dell PowerStore,"Dell PowerStore versions 2.1.0.x are susceptible to an authentication bypass vulnerability that allows remote unauthenticated attackers to exploit specific configurations. By successfully exploiting this vulnerability, attackers can gain unauthorized access to the system, highlighting the importance of secure configuration and proactive monitoring.",Dell,Powerstore,7,HIGH,0.005890000145882368,false,,false,false,false,,,false,false,,2022-10-21T18:15:00.000Z,0
CVE-2022-22555,https://securityvulnerability.io/vulnerability/CVE-2022-22555,OS Command Injection in Dell EMC PowerStore,"The Dell EMC PowerStore product is affected by a vulnerability that allows a locally authenticated attacker to execute arbitrary OS commands. This OS command injection flaw could enable the attacker to escalate their privileges on the underlying operating system, potentially compromising system integrity. Users should ensure their systems are updated and adhere to security best practices to mitigate this risk.",Dell,Powerstore,6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-07-21T04:15:00.000Z,0
CVE-2022-33923,https://securityvulnerability.io/vulnerability/CVE-2022-33923,OS Command Injection Vulnerability in Dell PowerStore Before Version 3.0.0.0,"The OS Command Injection vulnerability in Dell PowerStore, specifically in versions prior to 3.0.0.0, allows a locally authenticated attacker to exploit the PowerStore T environment. This exploitation can lead to the execution of arbitrary operating system commands on the underlying OS, potentially enabling the attacker to take full control of the system.",Dell,Powerstore,6.4,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2022-07-21T04:15:00.000Z,0
CVE-2022-31234,https://securityvulnerability.io/vulnerability/CVE-2022-31234,Improper Authentication Management in Dell EMC PowerStore Manager,"Dell EMC PowerStore's Manager GUI exhibits an improper restriction of excessive authentication attempts, which could be exploited by a remote unauthenticated attacker. This vulnerability allows attackers to perform brute-force password attacks, potentially leading to account compromises, especially if users have weak passwords. It is crucial for users to adopt strong password policies to mitigate the risk of unauthorized access.",Dell,Powerstore,8.1,HIGH,0.004689999856054783,false,,false,false,false,,,false,false,,2022-07-21T04:15:00.000Z,0
CVE-2022-32498,https://securityvulnerability.io/vulnerability/CVE-2022-32498,DLL Hijacking Vulnerability in Dell EMC PowerStore Products,"This vulnerability in Dell EMC PowerStore's PSTCLI allows a local attacker to exploit DLL hijacking, leading to arbitrary code execution, privilege escalation, and potential system takeover. Consequently, this compromises the integrity of the system and bypasses security mechanisms like software allow lists, raising serious security concerns.",Dell,Powerstore,5.5,MEDIUM,0.001230000052601099,false,,false,false,false,,,false,false,,2022-07-21T04:15:00.000Z,0
CVE-2022-22556,https://securityvulnerability.io/vulnerability/CVE-2022-22556,Uncontrolled Resource Consumption in Dell PowerStore User Interface,"A vulnerability in the Dell PowerStore User Interface could allow a remote unauthenticated attacker to exploit the system, potentially leading to significant resource exhaustion. This uncontrolled resource consumption may result in a denial of service, impacting the availability of the service and posing risks to business operations. It is crucial for users of Dell PowerStore to implement the necessary security measures to mitigate this risk.",Dell,Powerstore,3.7,LOW,0.0015699999639764428,false,,false,false,false,,,false,false,,2022-06-02T21:15:00.000Z,0
CVE-2022-26866,https://securityvulnerability.io/vulnerability/CVE-2022-26866,Stored Cross-Site Scripting Vulnerability in Dell PowerStore,"Dell PowerStore prior to version 2.1.1.0 is susceptible to a Stored Cross-Site Scripting vulnerability. This allows a network attacker with high privileges to inject malicious HTML or JavaScript code into a trusted application data store. When users access this compromised data, the scripts execute within their web browsers, potentially leading to serious consequences such as information disclosure, session theft, or client-side request forgery. It is crucial for users to apply the latest updates to mitigate exploitation risks.",Dell,Powerstore,5.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2022-06-02T21:15:00.000Z,0
CVE-2022-26869,https://securityvulnerability.io/vulnerability/CVE-2022-26869,Open Port Vulnerability in Dell PowerStore,"Dell PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are susceptible to an open port vulnerability that exposes systems to remote unauthenticated attacks. This flaw could allow attackers to gain unauthorized access, leading to potential information disclosure and the capability to execute arbitrary code on the affected devices.",Dell,Powerstore,9.8,CRITICAL,0.003710000077262521,false,,false,false,false,,,false,false,,2022-06-02T21:15:00.000Z,0
CVE-2022-26868,https://securityvulnerability.io/vulnerability/CVE-2022-26868,Command Injection Vulnerability in Dell EMC PowerStore Products,"Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x suffer from a command injection vulnerability that enables an authenticated attacker to execute arbitrary operating system commands on the underlying system. This flaw can lead to potential system takeover by leveraging the application's privileges during exploitation.",Dell,Powerstore,6.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-06-02T21:15:00.000Z,0
CVE-2022-22557,https://securityvulnerability.io/vulnerability/CVE-2022-22557,Plain-Text Password Storage Vulnerability in Dell PowerStore,"Dell PowerStore is affected by a security issue that involves the storage of passwords in plain text for versions 2.0.0.x and 2.0.1.x. A locally authenticated attacker can exploit this weakness to retrieve sensitive user credentials. Once compromised, these credentials may allow the attacker to access the PowerStore application with the same privileges as the compromised account. This presents a significant risk for unauthorized access and potential data breaches.",Dell,Powerstore,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-04-19T00:00:00.000Z,0
CVE-2022-26867,https://securityvulnerability.io/vulnerability/CVE-2022-26867,Data Export Vulnerability in Dell PowerStore Software,"Dell PowerStore Software version 2.1.1.0 is susceptible to an input validation vulnerability in its data export feature. When users export data to CSV or XLSX formats, the application does not properly validate or sanitize the exported data. This flaw permits an authenticated malicious user to inject payloads into the exported files, which may be executed as formulas in spreadsheet applications when the files are opened. Such actions can lead to unauthorized data manipulation and potentially expose sensitive information.",Dell,Powerstore,5.9,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-04-19T00:00:00.000Z,0
CVE-2020-29499,https://securityvulnerability.io/vulnerability/CVE-2020-29499,,"Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.",Dell,Powerstore,6.4,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0
CVE-2020-29503,https://securityvulnerability.io/vulnerability/CVE-2020-29503,,"Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory.",Dell,Powerstore,4.1,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-07-19T22:15:00.000Z,0
CVE-2020-29502,https://securityvulnerability.io/vulnerability/CVE-2020-29502,,"Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",Dell,Powerstore,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-01-05T22:15:00.000Z,0
CVE-2020-29501,https://securityvulnerability.io/vulnerability/CVE-2020-29501,,"Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",Dell,Powerstore,6.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-01-05T22:15:00.000Z,0
CVE-2020-29500,https://securityvulnerability.io/vulnerability/CVE-2020-29500,,"Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",Dell,Powerstore,7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-01-05T22:15:00.000Z,0
CVE-2020-5372,https://securityvulnerability.io/vulnerability/CVE-2020-5372,,Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.,Dell,Powerstore,8.6,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-07-06T18:15:00.000Z,0