Dell Data Protection Advisor vulnerabilities
7 known vulnerabilities affecting dell/data_protection_advisor.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2025-46699MEDIUMCVSS 6.5≥ 19.9, < 19.12≥ N/A, < 19.122026-01-23
CVE-2025-46699 [MEDIUM] CWE-1336 CVE-2025-46699: Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Specia
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
cvelistv5nvd
CVE-2024-28974MEDIUMCVSS 6.5≥ 19.5, < 19.9≥ 19.5, ≤ 19.92024-05-29
CVE-2024-28974 [MEDIUM] CWE-326 CVE-2024-28974: Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerab
Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.
cvelistv5nvd
CVE-2022-33935MEDIUMCVSS 5.4≥ unspecified, < 19.52022-08-30
CVE-2022-33935 [MEDIUM] CWE-79 CVE-2022-33935: Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting,
Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets execut
cvelistv5nvd
CVE-2020-5351HIGHCVSS 7.5≥ unspecified, < 6.4, 6.5, 18.12021-07-28
CVE-2020-5351 [HIGH] CWE-259 CVE-2020-5351: Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with lim
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only privileges.
cvelistv5nvd
CVE-2020-5352HIGHCVSS 8.8v6.4, 6.5, 18.12020-07-06
CVE-2020-5352 [HIGH] CWE-78 CVE-2020-5352: Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A
Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system.
cvelistv5nvd
CVE-2019-18582HIGHCVSS 7.2≥ unspecified, < 6.3, 6.4, 6.5 and version prior to 18.2 patch 83 and prior to 19.1 patch 712020-03-18
CVE-2019-18582 [HIGH] CWE-94 CVE-2019-18582: Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 v
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to inject malicious report generation script
cvelistv5nvd
CVE-2019-18581HIGHCVSS 7.2≥ unspecified, < 6.3, 6.4, 6.5 and version prior to 18.2 patch 83 and prior to 19.1 patch 712020-03-18
CVE-2019-18581 [HIGH] CWE-862 CVE-2019-18581: Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 v
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to alter the application’s allowable list of
cvelistv5nvd