cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-21548,https://securityvulnerability.io/vulnerability/CVE-2021-21548,Improper Certificate Validation in Dell EMC Unisphere for PowerMax and PowerMax OS,"Dell EMC Unisphere for PowerMax and its Virtual Appliance, along with PowerMax OS, are susceptible to an improper certificate validation issue. This vulnerability enables unauthenticated remote attackers to exploit the system by executing man-in-the-middle attacks. By supplying a specially crafted certificate, an attacker could intercept and manipulate network traffic, potentially leading to unauthorized data access or modification during transmission.",Dell,"Unisphere For Powermax, Dell Emc Unisphere For Powermax Virtual Appliance ,  Powermax Os",7.4,HIGH,0.0013699999544769526,false,,false,false,false,,,false,false,,2023-03-17T05:07:42.867Z,0
CVE-2022-34397,https://securityvulnerability.io/vulnerability/CVE-2022-34397,Authorization Bypass in Dell Unisphere for PowerMax and Related VApps,"An authorization bypass vulnerability exists in Dell Unisphere for PowerMax, VASA Provider, and Solution Enabler versions up to 10.0.0.5. This flaw permits unauthorized users to execute actions that should be restricted, potentially leading to unauthorized access and manipulation of system resources. Organizations using these applications should review their security practices and update their systems to mitigate any risk associated with this vulnerability.",Dell,Unisphere For Powermax,6.9,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-02-13T09:06:03.573Z,0
CVE-2022-45104,https://securityvulnerability.io/vulnerability/CVE-2022-45104,Command Execution Vulnerability in Dell Unisphere and VASA Provider Products,"Dell Unisphere for PowerMax, VASA Provider, and Solution Enabler vApps version 9.2.3.x are susceptible to a command execution vulnerability. This flaw allows a low-privileged remote attacker to potentially exploit the system, leading to the execution of arbitrary commands on the underlying software. It underscores the importance of applying timely security updates to mitigate the risk of unauthorized command execution.",Dell,Unisphere For Powermax Vapp,8.8,HIGH,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-02-11T01:23:00.000Z,0
CVE-2022-45103,https://securityvulnerability.io/vulnerability/CVE-2022-45103,Information Disclosure Vulnerability in Dell Unisphere for PowerMax and VASA Provider,"Dell Unisphere for PowerMax, VASA Provider, and Solution Enabler vApps version 9.2.3.x are affected by an information disclosure vulnerability. This flaw allows a low-privileged remote attacker to potentially exploit the system, enabling unauthorized access to read arbitrary files within the underlying file system. Mitigating this vulnerability is essential to safeguarding sensitive information and maintaining the integrity of the affected systems.",Dell,Unisphere For Powermax Vapp,6.5,MEDIUM,0.0011399999493733048,false,,false,false,false,,,false,false,,2023-01-18T14:31:56.582Z,0
CVE-2022-31233,https://securityvulnerability.io/vulnerability/CVE-2022-31233,Privilege Escalation Vulnerability in Unisphere for PowerMax by Dell,"Unisphere for PowerMax prior to version 9.2.3.15 has a vulnerability that allows an adjacent malicious user to exploit insufficient access control mechanisms. By leveraging this flaw, the attacker could escalate their privileges, gaining unauthorized access to restricted functionalities that should otherwise be unavailable to them.",Dell,Unisphere For Powermax,6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-06-27T00:00:00.000Z,0
CVE-2021-36338,https://securityvulnerability.io/vulnerability/CVE-2021-36338,Privilege Escalation Vulnerability in Unisphere for PowerMax by Dell,"Unisphere for PowerMax versions prior to 9.2.2.2 has a vulnerability that allows adjacent malicious users to escalate their privileges. This exploitation can enable unauthorized access to features and functionalities, undermining the integrity of access control mechanisms within the product. A follow-up security update, CVE-2022-31233, was introduced to address the inadequacies of the initial mitigation measures.",Dell,Unisphere For Powermax,6.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-01-21T21:15:00.000Z,0
CVE-2021-21531,https://securityvulnerability.io/vulnerability/CVE-2021-21531,,Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.,Dell,Unisphere For Powermax,8.1,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-30T21:15:00.000Z,0
CVE-2020-35170,https://securityvulnerability.io/vulnerability/CVE-2020-35170,,"Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users’ sessions.",Dell,Unisphere For Powermax,6.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2021-01-05T22:15:00.000Z,0
CVE-2020-5345,https://securityvulnerability.io/vulnerability/CVE-2020-5345,,"Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.",Dell,Unisphere For Powermax,6.4,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2020-06-23T20:15:00.000Z,0
CVE-2020-5367,https://securityvulnerability.io/vulnerability/CVE-2020-5367,,"Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim's data in transit.",Dell,"Unisphere For Powermax, Unisphere For Powermax Virtual Appliance, Powermax Os",8.1,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2020-06-23T20:15:00.000Z,0
CVE-2019-18588,https://securityvulnerability.io/vulnerability/CVE-2019-18588,,"Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users' sessions.",Dell,Unisphere For Powermax,9,CRITICAL,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-10T19:15:00.000Z,0