Dell Evasa Provider Virtual Appliance vulnerabilities
3 known vulnerabilities affecting dell/evasa_provider_virtual_appliance.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-34397MEDIUMCVSS 5.7fixed in 9.2.4.152023-02-13
CVE-2022-34397 [MEDIUM] CWE-863 CVE-2022-34397:
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 an
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.
nvd
CVE-2022-45104HIGHCVSS 8.8fixed in 9.2.4.152023-02-11
CVE-2022-45104 [HIGH] CWE-77 CVE-2022-45104:
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x con
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system.
nvd
CVE-2022-31233HIGHCVSS 8.0fixed in 9.2.3.72022-08-31
CVE-2022-31233 [HIGH] CWE-602 CVE-2022-31233: Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adj
Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.
nvd