← Back

Emc Unity Firmware

emc_unity_firmware

Vendor: Dell • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-1251
1Dell
2Emc Unity Firmware
Emc Unityvsa
Nov 21, 2024
Sep 28, 2018
N/A· v4
8.1 HIGH· v3
5.8 MEDIUM· v2
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary...Show more
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web URLs by tricking the victim user to click on a maliciously crafted Unisphere URL. Attacker could potentially phish information, including Unisphere users' credentials, from the victim once they are redirected.Show less
CVE-2018-1250
1Dell
2Emc Unity Firmware
Emc Unityvsa
Nov 21, 2024
Sep 28, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by direc...Show more
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by directly interacting with certain APIs of Unity OE, bypassing Role-Based Authorization control implemented only in Unisphere GUI.Show less