Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Powerpath_management_appliance
(Dell)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-10 | CVE-2022-34452 | PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs. | Powerpath_management_appliance | 2.7 | ||
| 2023-02-11 | CVE-2022-34446 | PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration. | Powerpath_management_appliance | 8.1 | ||
| 2023-02-11 | CVE-2022-34447 | PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user. | Powerpath_management_appliance | 7.2 | ||
| 2023-02-11 | CVE-2022-34448 | PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions. | Powerpath_management_appliance | 8.8 | ||
| 2023-02-11 | CVE-2022-34449 | PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application. | Powerpath_management_appliance | 6.0 | ||
| 2023-02-11 | CVE-2022-34450 | PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root. | Powerpath_management_appliance | 6.7 | ||
| 2023-02-11 | CVE-2022-34451 | PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server. | Powerpath_management_appliance | 4.8 | ||
| 2021-12-21 | CVE-2021-43587 | Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges. | Powerpath_management_appliance | 6.7 |