cbcvebase.

Dell Encryption Enterprise vulnerabilities

3 known vulnerabilities affecting dell/dell_encryption_enterprise.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2

Vulnerabilities

Page 1 of 1
CVE-2020-5327P2CRITICALCVSS 9.8≥ unspecified, < 10.2.102020-03-06
CVE-2020-5327 [CRITICAL] CWE-502 CVE-2020-5327: Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untr Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.
nvd
CVE-2020-5358P3HIGHCVSS 7.8≥ unspecified, < 10.82020-06-15
CVE-2020-5358 [HIGH] CWE-732 CVE-2020-5358: Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contai Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.
nvd
CVE-2019-3745P3HIGHCVSS 7.3≥ unspecified, < 10.4.02019-10-07
CVE-2019-3745 [HIGH] CWE-427 CVE-2019-3745: The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4. The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0. This issue is exploitable only during the installation of the product by an administrator. A local authenticated low privileged user potentially could exploit this vulnerability by sta
nvd
Dell Encryption Enterprise vulnerabilities | cvebase