Dell Luki w zabezpieczeniach

Oś czasu

Rodzaj

Produkt

Dell BIOS88
Dell EMC PowerScale OneFS70
Dell PowerScale OneFS47
Dell Wyse Management Suite29
Dell EMC iDRAC928

Przeciwdziałanie

Official Fix467
Temporary Fix0
Workaround4
Unavailable8
Not Defined526

Wykorzystywanie

High14
Functional3
Proof-of-Concept37
Unproven5
Not Defined946

Wektor dostępu

Not Defined0
Physical31
Local355
Adjacent25
Network594

Uwierzytelnianie

Not Defined0
High242
Low438
None325

Interakcja z użytkownikiem

Not Defined0
Required138
None867

C3BM Index

CVSSv3 Base

≤10
≤26
≤312
≤454
≤5156
≤6201
≤7261
≤8221
≤969
≤1025

CVSSv3 Temp

≤10
≤26
≤312
≤462
≤5156
≤6217
≤7264
≤8202
≤964
≤1022

VulDB

≤10
≤211
≤354
≤4129
≤5174
≤6158
≤7234
≤8178
≤944
≤1023

NVD

≤10
≤20
≤32
≤47
≤540
≤639
≤7113
≤8152
≤952
≤1068

CNA

≤10
≤22
≤310
≤420
≤558
≤6127
≤7133
≤8213
≤988
≤1026

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤61
≤71
≤81
≤92
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k15
<2k21
<5k146
<10k444
<25k367
<50k12
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k385
<2k85
<5k177
<10k277
<25k81
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (325): 2335dn (2), 2355dn (1), Alienware Command Center (2), Alienware Update (8), Alienware m17 R5 BIOS (1), App Manager (7), AppSync (6), Asset Manager (1), Avamar (1), Avamar ADMe Web Interface (1), Avamar Server (11), BIOS (88), BIOSConnect (3), BSAFE Crypto-C Micro Edition (12), BSAFE Crypto-J (1), BSAFE Micro Edition Suite (16), BSAFE SSL-J (4), CPG BIOS (4), Client (1), Client Commercial (2), Client Consumer (4), Client Platform (2), CloudIQ Collector (1), CloudLink (11), Cloud Mobility for Dell Storage (2), Command & Update (2), Command Configure (4), Command Integration Suite (1), Command Integration Suite for System Center (1), Command Intel vPro Out of Band (2), Command Monitor (4), Command Update (9), Commercial Platform (3), Common Event Enabler (1), Consumer Platform (1), Container Storage Modules (4), Crowbar (1), DBUtil BIOS Driver (1), DBUtilDrv2.sys Driver (1), DDOS (1), DUP Framework (2), Data Protection Advisor (7), Data Protection Central (5), Data Protection Search (2), Dell PowerStore (1), DellSystemLite.Scanner ActiveX control (2), Digital Delivery (7), Display Manager (4), Display and Peripheral Manager (1), Dock Firmware Update Utilities (1), ECS (5), ECS Streamer (1), EMC IsilonSD Edge (1), EMC Metro (1), EMC PowerScale (1), EMC PowerScale OneFS (2), EMC SCG Policy Manager (4), EMC Solutions Enabler (2), EMC Solutions Enabler Virtual Appliance (2), EMC Unisphere for VMAX Virtual Appliance (2), EMC Unity (2), EMC Unity versions (1), EMC VASA Virtual Appliance (2), EMC VASA Virtual Appliances (2), EMC VMAX Embedded Management (4), EMC VxRail (1), ESI for SAP LAMA (2), ESRS Policy Manager (1), Edge Gateway 5200 (1), Encryption (5), Encryption Enterprise (1), Endpoint Security (1), Endpoint Security Security Suite (1), Endpoint Security Suite (1), Endpoint Security Suite Enterprise (3), Endpoint Security Suite Enterprise (1), Enterprise Copy Data Management (1), Enterprise SONiC OS (4), Enterprise Storage Analytics for vRealize Operations (1), Equallogic Ps4000 (1), G7 17 7790 (1), GeoDrive (6), Governance (7), Grab (3), Hybrid Client (10), IDPA (1), ImageAssist (1), InsightIQ (2), Inspiron 15 7579 2-in-1 BIOS (1), Inspiron 5675 (1), Inspiron 7347 BIOS (1), Inspiron 7352 BIOS (1), Integrated Data Protection Appliance (10), Integrated Remote Access Controller 8 (1), Integrated System for Microsoft Azure Stack Hub (2), Isilion (6), Isilon OneFS (16), IsilonSD Management Server (2), KACE K2000 Systems Deployment Appliance (1), KBOX SM Appliance (6), Kace K1000 Systems Management Appliance (1), Kace K1000 Systems Management Appliance Software (1), Kace K2000 Systems Deployment Appliance (4), Latitude 7202 Rugged Tablet BIOS (1), Lifecycle (4), Mobility E-Lab Navigator (2), Multifunction Printer E525w Driver and Software Suite (1), NetVault Backup (2), NetWorker (18), NetWorker AMQP (1), NetWorker Module for Databases and Applications (1), NetWorker Virtual Edition (1), Network Manager (1), Networking OS10 (9), Networking PC5500 (1), Networking S4100 Switch (1), Networking S5200 Switch (1), Networking X-Series (5), OS10 (3), OS Recovery Tool (3), OpenManage Enterprise (9), OpenManage Enterprise-Modular (6), OpenManage Enterprise Modular (1), OpenManage Integration (2), OpenManage Integration for Microsoft System Center (1), OpenManage Network Manager (1), OpenManage Server Administrator (11), Open Manage System Administrator (2), OpenManage Web Server (1), Openmanage CD (1), PPDM (1), PV ME5 (1), Pair Installer (1), Peripheral Manager (1), PowerConnect 3348 (3), PowerConnect 6248P (1), PowerConnect 7000 (1), PowerConnect 8024 (1), PowerConnect M6220 (1), PowerConnect M6348 (1), PowerConnect M8024 (1), PowerConnect M8024-K (1), PowerEdge 14G Server BIOS (1), PowerEdge BIOS (23), PowerEdge BIOS Intel 16G (2), PowerEdge MX740c (3), PowerEdge MX840c (3), PowerEdge Platform (6), PowerEdge R640 (3), PowerEdge R740 (3), PowerEdge R740XD (3), PowerEdge R840 (3), PowerEdge R940 (3), PowerEdge R940xa (3), PowerEdge Server BIOS (2), PowerEdge T640 (2), PowerEdge VRTX Switch Module (2), PowerFlex (1), Power Manager (3), PowerMax OS (5), PowerPath (3), PowerPath Management Appliance (5), PowerPath Management Appliance with (3), PowerProtect Agent for File System (1), Power Protect Cyber Recovery (1), PowerProtect Cyber Recovery (3), PowerProtect DD (8), PowerProtect Data Manager (4), PowerProtect Data Manager DM5500 Appliance (7), PowerProtect X400 (1), PowerScale Node A200 (1), PowerScale Node F800 (1), PowerScale Node F810 (1), PowerScale Node H400 (1), PowerScale Node H500 (1), PowerScale Node H600 (1), PowerScale Node H5600 (1), PowerScale Node PowerScale Node A2000 (1), PowerScale Nodes (1), PowerScale OneFS (117), PowerStore (17), PowerStore > (1), PowerStore X (1), Powervault Ml6000 (1), Powervault Ml6020 (4), Pre-Boot Authentication Driver (1), Precision 5820 Tower (1), Precision 7820 Tower (1), Precision 7920 (1), Precision 7920 Tower (1), Precision BIOS (20), Precision Optimizer (1), Precision Rack BIOS (1), Product (2), Protected Workspace (1), Quest One Password Manager (1), RSA Archer (11), RSA Authentication Manager (11), RSA BSAFE Crypto-C Micro Edition (1), RSA BSAFE Crypto-J (1), RSA BSAFE Micro Edition Suite (6), RSA BSAFE SSL-J (3), RSA Certificate Manager (1), RSA Identity Governance (4), RSA Identity Lifecycle (2), RSA Identity Management (1), RSA NetWitness Platform (3), RSA Security Analytics (3), RSA Via Lifecycle (4), RSA Web Threat Detection (1), RVTools (1), RecoverPoint (6), RecoverPoint for VMs (3), RecoverPoint for Virtual Machines (5), Remote Access Card (1), Reporting (1), Repository Manager (4), Rugged Control Center (4), SCG (2), SCG Policy Manager (1), SD ROM Utility (1), SMIS (1), SRM (1), SRS Policy Manager (1), SaleIO (1), ScaleIO (2), Secure Connect Gateway (9), Secure Connect Gateway-Appliance (2), Secure Connect Gateway-Application (2), Secure Remote Services (3), SecureWorks App (1), Security Management Serve (1), Security Management Server (2), SmartFabric (1), SmartFabric OS10 (2), SmartFabric Storage Software (8), Solution Enabler vApp (2), Solutions Enabler Virtual Appliance (1), SonicWALL (1), SonicWALL Email Security (2), SonicWALL GMS (2), SonicWALL NetExtender (3), SonicWALL Scrutinizer (1), SonicWall (5), SonicWall GMS Virtual Appliance (1), SonicWall Scrutinizer (2), SonicWall Secure Remote Access Appliance (1), SonicWall TotalSecure TZ 100 (1), SonicWall ViewPoint (1), Sonicwall Network Security Appliance 2400 (1), Sonicwall Scrutinizer With Flow Analytics Module (4), Sonicwall Universal Management Appliance E5000 (1), SourceOne (1), Storage (1), Storage Integration Tools for VMware (1), Storage Manager (3), Storage Monitoring (1), Streaming Data Platform (6), SupportAssist (1), SupportAssist Client (4), SupportAssist Client Commercial (5), SupportAssist Client Consumer (9), SupportAssist Enterprise (1), Support Assist OS Recovery (1), SupportAssist for Business PCs (7), SupportAssist for Home PCs (9), System Update (3), ThinLinux2 (1), TrueMobile 2300 Wireless Broadband Router (1), Truemobile 1300 Wlan Mini-pci Card Util Trayapplet (1), Trusted Device Agent (1), UEFI (1), UEFI BIOS (1), UMA (2), Unisphere for PowerMax (8), Unisphere for PowerMax Virtual Appliance (2), Unisphere for PowerMax vApp (3), Unisphere for Solution Enabler vApp (1), Unisphere for VASA Provider vApp (1), Unisphere for VMAX (2), Unisphere for VMAX Virtual Appliance (1), Unity (37), Unity OE (1), Unity Operating Environment (2), UnityVSA (18), UnityVSA OE (1), Unity XT (11), UnityXT (1), Update (7), Update Package Framework (1), VASA Provider Virtual Appliance (1), VASA Provider vApp (2), VMAX Embedded Management (1), VNX1 (1), VNX2 (5), VNX2 OE for File (5), VNXe3200 (1), VPLEX GeoSynchrony (1), ViPR Controller (1), ViewPoint (2), Virtual Appliance Manager (2), Virtual Appliances (1), VxRail (5), WES Wyse Device Agent (1), WMS (3), Web Interface (1), Wyse Device Agent (4), Wyse Device Manager (2), Wyse Management Suite (29), Wyse Management Suite Repository (1), Wyse ThinLinux Hagent (1), Wyse ThinOS (9), Wyse Windows Embedded System (1), XPS 13 2-in-1 (1), XPS 13 9370 BIOS (1), XtremIO (2), XtremIO X2 XMS (1), XtremIO XMS (3), crowbar (1), iDRAC6 (9), iDRAC6 modular (1), iDRAC7 (14), iDRAC8 (22), iDRAC9 (31), iDRAC Service Module (2)

Link to Vendor Website: https://www.dell.com/

OpublikowanoBaseTempSłaby punktProdWykPrzCTIEPSSCVE
2024-03-285.15.1Dell PowerScale OneFS privilege escalationNieznanyNot DefinedNot Defined0.24-0.00000CVE-2024-25953
2024-03-287.27.0Dell Virtual Appliance Manager privilege escalationNieznanyNot DefinedOfficial Fix0.29-0.00000CVE-2024-25955
2024-03-287.27.0Dell Virtual Appliance Manager privilege escalationNieznanyNot DefinedOfficial Fix0.21-0.00000CVE-2024-25946
2024-03-284.84.8Dell PowerScale OneFS weak encryptionNieznanyNot DefinedNot Defined0.35-0.00000CVE-2024-25963
2024-03-284.54.5Dell PowerScale OneFS weak authenticationNieznanyNot DefinedNot Defined0.24-0.00000CVE-2024-25954
2024-03-285.15.0Dell PowerProtect Data Manager XML External EntityNieznanyNot DefinedOfficial Fix0.19-0.00000CVE-2024-25971
2024-03-285.55.5Dell PowerScale OneFS weak encryptionNieznanyNot DefinedNot Defined0.32-0.00000CVE-2024-25960
2024-03-285.15.1Dell PowerScale OneFS privilege escalationNieznanyNot DefinedNot Defined0.35-0.00000CVE-2024-25952
2024-03-285.15.1Dell PowerScale OneFS privilege escalationNieznanyNot DefinedNot Defined0.35-0.00000CVE-2024-25961
2024-03-285.65.6Dell PowerScale OneFS information disclosureNieznanyNot DefinedNot Defined0.40-0.00000CVE-2024-25959
2024-03-277.37.3Dell InsightIQ privilege escalationNieznanyNot DefinedNot Defined0.130.00043CVE-2024-25962
2024-03-264.44.3Dell Grab privilege escalationNieznanyNot DefinedOfficial Fix0.040.00043CVE-2024-25956
2024-03-266.96.7Dell Grab privilege escalationNieznanyNot DefinedOfficial Fix0.060.00043CVE-2024-25958
2024-03-264.04.0Dell Grab appsync information disclosureNieznanyNot DefinedOfficial Fix0.020.00043CVE-2024-25957
2024-03-255.35.3Dell PowerScale OneFS denial of serviceNieznanyNot DefinedNot Defined0.030.00043CVE-2024-25964
2024-03-194.03.9Dell PowerEdge Platform SMM Communication privilege escalationNieznanyNot DefinedOfficial Fix0.040.00043CVE-2024-25942
2024-03-195.55.5Dell PowerEdge Platform BIOS memory corruptionNieznanyNot DefinedOfficial Fix0.040.00043CVE-2024-22453
2024-03-133.53.5Dell PowerEdge Platform information disclosureNieznanyNot DefinedOfficial Fix0.050.00061CVE-2024-0154
2024-03-133.53.5Dell PowerEdge Platform information disclosureNieznanyNot DefinedOfficial Fix0.040.00061CVE-2024-0173
2024-03-134.94.8Dell PowerEdge BIOS Intel 16G SMM Communication memory corruptionNieznanyNot DefinedOfficial Fix0.050.00043CVE-2024-0162
2024-03-134.94.8Dell PowerEdge BIOS Intel 16G race conditionNieznanyNot DefinedOfficial Fix0.030.00043CVE-2024-0163
2024-03-135.55.5Dell PowerEdge Platform SMM Communication privilege escalationNieznanyNot DefinedOfficial Fix0.050.00043CVE-2024-0161
2024-03-098.07.8Dell Integrated Remote Access Controller 8 Privilege EscalationRemote Access SoftwareNot DefinedOfficial Fix0.020.00043CVE-2024-25951
2024-03-043.03.0Dell PowerScale OneFS nieznana lukaNieznanyNot DefinedNot Defined0.020.00043CVE-2024-24901
2024-03-045.55.5Dell PowerScale OneFS weak encryptionNieznanyNot DefinedNot Defined0.040.00043CVE-2024-22463
2024-03-047.06.8Dell Digital Delivery memory corruptionNieznanyNot DefinedOfficial Fix0.030.00043CVE-2024-0155
2024-03-047.47.3Dell Digital Delivery memory corruptionNieznanyNot DefinedOfficial Fix0.020.00043CVE-2024-0156
2024-03-047.37.1Dell Display and Peripheral Manager Installation privilege escalationNieznanyNot DefinedOfficial Fix0.020.00043CVE-2024-22452
2024-03-015.04.9Dell Secure Connect Gateway Trusted Application Data Store cross site scriptingNieznanyNot DefinedOfficial Fix0.020.00043CVE-2024-24907
2024-03-015.04.9Dell Secure Connect Gateway Trusted Application Data Store cross site scriptingNieznanyNot DefinedOfficial Fix0.050.00043CVE-2024-24905
2024-03-015.04.9Dell Secure Connect Gateway Trusted Application Data Store cross site scriptingNieznanyNot DefinedOfficial Fix0.040.00043CVE-2024-24904
2024-03-016.76.7Dell Secure Connect Gateway privilege escalationNieznanyNot DefinedNot Defined0.040.00043CVE-2024-24903
2024-03-015.04.9Dell Secure Connect Gateway Policy Page cross site scriptingNieznanyNot DefinedOfficial Fix0.030.00043CVE-2024-24906
2024-03-016.76.5Dell DUP Framework privilege escalationNieznanyNot DefinedOfficial Fix0.060.00043CVE-2023-39254
2024-03-015.85.7Dell CPG BIOS memory corruptionNieznanyNot DefinedOfficial Fix0.030.00043CVE-2023-48674
2024-03-015.35.2Dell Secure Connect Gateway Policy privilege escalationNieznanyNot DefinedOfficial Fix0.020.00043CVE-2024-24900
2024-03-016.76.7Dell Secure Connect Gateway weak authenticationNieznanyNot DefinedNot Defined0.020.00043CVE-2024-22457
2024-03-013.73.7Dell Secure Connect Gateway weak encryptionNieznanyNot DefinedNot Defined0.020.00043CVE-2024-22458
2024-02-287.87.8Dell ECS privilege escalationNieznanyNot DefinedNot Defined0.030.00043CVE-2024-22459
2024-02-165.15.1Dell RecoverPoint for Virtual Machines information disclosureBackup SoftwareNot DefinedNot Defined0.040.00043CVE-2024-22425
2024-02-167.27.2Dell RecoverPoint for Virtual Machines privilege escalationBackup SoftwareNot DefinedNot Defined0.020.00043CVE-2024-22426
2024-02-156.76.7Dell ESI for SAP LAMA EHAC weak encryptionNieznanyNot DefinedOfficial Fix0.020.00043CVE-2023-39245
2024-02-157.37.1Dell ESI for SAP LAMA EHAC privilege escalationNieznanyNot DefinedOfficial Fix0.020.00043CVE-2023-39244
2024-02-159.89.6Dell SmartFabric OS10 privilege escalationNieznanyNot DefinedOfficial Fix0.030.00043CVE-2023-32462
2024-02-159.89.8Dell Enterprise SONiC OS privilege escalationNieznanyNot DefinedNot Defined0.090.00043CVE-2023-32484
2024-02-158.28.0Dell SmartFabric OS10 Remote Code ExecutionNieznanyNot DefinedOfficial Fix0.040.00043CVE-2023-28078
2024-02-145.95.9Dell Secure Connect Gateway-Application Collection REST API sql injectionNieznanyNot DefinedNot Defined0.030.00043CVE-2023-44294
2024-02-145.95.9Dell Secure Connect Gateway-Application Filter sql injectionNieznanyNot DefinedNot Defined0.020.00043CVE-2023-44293
2024-02-147.87.8Dell SupportAssist for Home PCs privilege escalationNieznanyNot DefinedNot Defined0.020.00043CVE-2023-44283
2024-02-146.86.6Dell SupportAssist Client Consumer privilege escalationNieznanyNot DefinedOfficial Fix0.020.00043CVE-2023-25535

955 więcej wpisów nie jest pokazywanych

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!