Dell Unisphere 360 vulnerabilities
5 known vulnerabilities affecting dell/unisphere_360.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-34363P3HIGHCVSS 7.5fixed in 9.2.3.122026-05-22
CVE-2022-34363 [HIGH] CWE-285 CVE-2022-34363: Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnera
Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the Unisphere for VMAX application running in vApp
cvelistv5nvd
CVE-2022-31233P3HIGHCVSS 8.0fixed in 9.2.3.62022-08-31
CVE-2022-31233 [HIGH] CWE-602 CVE-2022-31233: Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adj
Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.
nvd
CVE-2021-36338P3HIGHCVSS 8.0fixed in 9.1.0.29≥ 9.2.0.0, < 9.2.3.32022-01-21
CVE-2021-36338 [HIGH] CWE-602 CVE-2021-36338: Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An a
Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses the partial fix in CVE-2021-36338.
nvd
CVE-2021-36339P3HIGHCVSS 7.8fixed in 9.1.0.29≥ 9.2.0.0, < 9.2.3.32022-01-21
CVE-2021-36339 [HIGH] CWE-250 CVE-2021-36339: The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local malicious
The Dell EMC Virtual Appliances before 9.2.2.2 contain undocumented user accounts. A local malicious user may potentially exploit this vulnerability to get privileged access to the virtual appliance.
nvd
CVE-2022-45103P3MEDIUMCVSS 6.5fixed in 9.2.3.122023-01-18
CVE-2022-45103 [MEDIUM] CWE-200 CVE-2022-45103: Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x con
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.
nvd