cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-28980,https://securityvulnerability.io/vulnerability/CVE-2024-28980,,"Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.",Dell,Recoverpoint For Virtual Machines,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T14:20:15.834Z,0
CVE-2024-47984,https://securityvulnerability.io/vulnerability/CVE-2024-47984,Denial of Service Vulnerability in Dell RecoverPoint for Virtual Machines,"The vulnerability in Dell RecoverPoint for Virtual Machines 6.0.x is classified as a Denial of Service risk. This flaw allows an attacker with remote access to exploit the system, potentially leading to a significant disruption in the product's functionalities. The persistence of this issue after a reboot could necessitate technical support for restoration, impacting operational efficiency and stability. It is crucial for users and administrators to be aware of this vulnerability and implement necessary precautions to mitigate risk.",Dell,Recoverpoint For Virtual Machines,4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T14:15:53.203Z,0
CVE-2024-24902,https://securityvulnerability.io/vulnerability/CVE-2024-24902,,Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentially exploit this vulnerability leading to gaining access to unauthorized data for a limited time.,Dell,Recoverpoint For Virtual Machines,6.6,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T14:11:04.854Z,0
CVE-2024-38488,https://securityvulnerability.io/vulnerability/CVE-2024-38488,,"Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Excessive Authentication vulnerability where a Network attacker could potentially exploit this vulnerability, leading to a brute force attack or a dictionary attack against the RecoverPoint login form and a complete system compromise.
This allows attackers to brute-force the password of valid users in an automated manner.",Dell,Recoverpoint For Virtual Machines,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T14:06:25.845Z,0
CVE-2024-48007,https://securityvulnerability.io/vulnerability/CVE-2024-48007,,"Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A Remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the system leading to gaining access to unauthorized data.",Dell,Recoverpoint For Virtual Machines,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T14:00:56.270Z,0
CVE-2024-48008,https://securityvulnerability.io/vulnerability/CVE-2024-48008,Dell RecoverPoint Virtual Machine Vulnerability Could Lead to Information Disclosure and Unintended Actions,"Dell RecoverPoint for Virtual Machines 6.0.x is susceptible to an OS Command Injection vulnerability, enabling low privileged remote attackers to exploit the flaw. Successful exploitation may lead to sensitive information disclosure, allowing unauthorized actions such as the retrieval of files containing confidential data. Proper security measures should be evaluated and implemented to mitigate this risk.",Dell,Recoverpoint For Virtual Machines,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T13:30:20.777Z,0
CVE-2024-22461,https://securityvulnerability.io/vulnerability/CVE-2024-22461,Dell RecoverPoint for Virtual Machines Vulnerability - root access risk,"An OS command injection vulnerability has been identified in Dell RecoverPoint for Virtual Machines 6.0.x, which allows low-privileged remote attackers to execute arbitrary commands on the system. This flaw could be exploited to gain root-level access, leading to a total compromise of the system. The exploitation of this vulnerability presents significant risks, emphasizing the need for timely patches and security measures to protect critical infrastructure.",Dell,Recoverpoint For Virtual Machines,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-13T13:25:25.661Z,0
CVE-2018-15771,https://securityvulnerability.io/vulnerability/CVE-2018-15771,Dell EMC RecoverPoint Information Disclosure Vulnerability,Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI.,Dell,"Dell Emc Recoverpoint,Dell Emc Recoverpoint Virtual Machine (vm)",5.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2018-11-13T14:29:00.000Z,0
CVE-2018-15772,https://securityvulnerability.io/vulnerability/CVE-2018-15772,Dell EMC RecoverPoint Uncontrolled Resource Consumption Vulnerability,Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. A malicious boxmgmt user may potentially be able to consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.,Dell,"Dell Emc Recoverpoint,Dell Emc Recoverpoint Virtual Machine (vm)",7.1,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2018-11-13T14:29:00.000Z,0
CVE-2018-1242,https://securityvulnerability.io/vulnerability/CVE-2018-1242,,"Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. An authenticated malicious user with boxmgmt privileges may potentially exploit this vulnerability to read RPA files. Note that files that require root permission cannot be read.",Dell,"Dell Emc Recoverpoint,Dell Emc Recoverpoint Virtual Machine (vm)",6.5,MEDIUM,0.0011599999852478504,false,false,false,false,,false,false,2018-05-29T17:29:00.000Z,0
CVE-2018-1241,https://securityvulnerability.io/vulnerability/CVE-2018-1241,,"Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, under certain conditions, may leak LDAP password in plain-text into the RecoverPoint log file. An authenticated malicious user with access to the RecoverPoint log files may obtain the exposed LDAP password to use it in further attacks.",Dell,"Dell Emc Recoverpoint,Dell Emc Recoverpoint Virtual Machine (vm)",8.8,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2018-05-29T17:29:00.000Z,0
CVE-2018-1235,https://securityvulnerability.io/vulnerability/CVE-2018-1235,,"Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege.",Dell,"Dell Emc Recoverpoint,Dell Emc Recoverpoint Virtual Machine (vm)",9.8,CRITICAL,0.09956999868154526,false,false,false,true,true,false,false,2018-05-29T17:29:00.000Z,0
CVE-2018-1184,https://securityvulnerability.io/vulnerability/CVE-2018-1184,,"An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Boxmgmt CLI may allow a malicious user with boxmgmt privileges to bypass Boxmgmt CLI and run arbitrary commands with root privileges.",Dell,"Emc Recoverpoint For Virtual Machines Versions Prior To 5.1.1, Emc Recoverpoint Version 5.1.0.0, Emc Recoverpoint Versions Prior To 5.0.1.3",6.7,MEDIUM,0.0006300000241026282,false,false,false,false,,false,false,2018-02-03T01:00:00.000Z,0
CVE-2018-1185,https://securityvulnerability.io/vulnerability/CVE-2018-1185,,"An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges.",Dell,"Emc Recoverpoint For Virtual Machines Versions Prior To 5.1.1, Emc Recoverpoint Version 5.1.0.0, Emc Recoverpoint Versions Prior To 5.0.1.3",6.7,MEDIUM,0.0017000000225380063,false,false,false,false,,false,false,2018-02-03T01:00:00.000Z,0