Dell Xtremio vulnerabilities
6 known vulnerabilities affecting dell/xtremio.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2022-31228P2CRITICALCVSS 9.8≥ unspecified, < 6.4.0-222022-10-12
CVE-2022-31228 [CRITICAL] CWE-307 CVE-2022-31228: Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote unauthen
Dell EMC XtremIO versions prior to X2 6.4.0-22 contain a bruteforce vulnerability. A remote unauthenticated attacker can potentially exploit this vulnerability and gain access to an admin account.
nvd
CVE-2021-21549P3HIGHCVSS 8.8≥ unspecified, < XMS 6.3.32021-05-21
CVE-2021-21549 [HIGH] CWE-352 CVE-2021-21549: Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XM
Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XMS. A non-privileged attacker could potentially exploit this vulnerability, leading to a privileged victim application user being tricked into sending state-changing requests to the vulnerable application, causing unintended server operations.
nvd
CVE-2019-18578P3CRITICALCVSS 9.0≥ unspecified, < 6.3.02020-03-13
CVE-2019-18578 [CRITICAL] CWE-79 CVE-2019-18578: Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-site scripting vulnerability. A
Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-site scripting vulnerability. A low-privileged malicious remote user of XtremIO may exploit this vulnerability to store malicious HTML or JavaScript code in application fields. When victim users access the injected page through their browsers, the malicious code may be executed by t
nvd
CVE-2019-18577P4MEDIUMCVSS 6.7≥ unspecified, < 6.3.02020-03-13
CVE-2019-18577 [MEDIUM] CWE-732 CVE-2019-18577: Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerabilit
Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access.
nvd
CVE-2019-18576P4MEDIUMCVSS 6.7≥ unspecified, < 6.3.02020-03-13
CVE-2019-18576 [MEDIUM] CWE-532 CVE-2019-18576: Dell EMC XtremIO XMS versions prior to 6.3.0 contain an information disclosure vulnerability where O
Dell EMC XtremIO XMS versions prior to 6.3.0 contain an information disclosure vulnerability where OS users’ passwords are logged in local files. Malicious local users with access to the log files may use the exposed passwords to gain access to XtremIO with the privileges of the compromised user.
nvd
CVE-2025-30105P4MEDIUMCVSS 5.5≥ NA, < 6.4.32025-07-30
CVE-2025-30105 [MEDIUM] CWE-532 CVE-2025-30105: Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vu
Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the
nvd