Vulnerabilidades en Dell
1416 resultadosAnálisis Vexday
Com 1.414 CVEs catalogadas, a Dell apresenta um volume expressivo de vulnerabilidades, com 64 classificadas como críticas e 103 surgidas apenas nos últimos 90 dias, o que indica um ritmo contínuo de descobertas que exige acompanhamento próximo. A taxa de exploração ativa está abaixo da média geral do catálogo, com apenas 2 entradas no CISA KEV, sugerindo que, apesar do volume, a conversão em ameaças ativas confirmadas é relativamente contida. A falha mais comum é do tipo CWE-78 (injeção de comandos no SO), categoria que historicamente representa risco elevado de execução arbitrária de código. A CVE mais crítica atualmente em exploração ativa, CVE-2021-21551, registra EPSS de 0,5747 — indicando probabilidade relevante de exploração — e deve ser tratada com prioridade máxima por equipes que ainda não aplicaram a respectiva correção.
CVE-2022-46679MEDIUM
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker coulEPSS 0.8%CVE-2024-37143CRITICALDell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x tEPSS 0.8%CVE-2023-43068HIGH
Dell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authEPSS 0.8%CVE-2023-28062HIGH
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with lowEPSS 0.8%CVE-2024-25944MEDIUMDell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially EPSS 0.8%CVE-2023-48671HIGH
Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit tEPSS 0.8%CVE-2024-49560HIGHDell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low priviEPSS 0.8%CVE-2023-44286HIGH
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulneraEPSS 0.8%CVE-2020-5337MEDIUMRSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. A remote unauthenticated attacker could potentiallyEPSS 0.8%CVE-2021-21596CRITICALDell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remEPSS 0.8%CVE-2020-5345MEDIUMDell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, anEPSS 0.7%CVE-2021-36316MEDIUMDell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious EPSS 0.7%CVE-2022-45103MEDIUM
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerabiEPSS 0.7%CVE-2022-34425HIGHDell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentialEPSS 0.7%CVE-2024-22461HIGHDell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentiaEPSS 0.7%CVE-2022-32480MEDIUMDell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initializatEPSS 0.7%CVE-2023-23694MEDIUM
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attackEPSS 0.7%CVE-2023-32465HIGH
Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerabilitEPSS 0.7%CVE-2022-31228HIGHDell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote unauthenticated attacker can potentially exploitEPSS 0.7%CVE-2020-5331HIGHRSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially EPSS 0.7%