Powerpath Management Appliance

powerpath_management_appliance

Vendor: Dell • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-34451 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions...Show more PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server. Show less
CVE-2022-34450 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 6.7 MEDIUM· v3 N/A· v2 PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as...Show more PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root. Show less
CVE-2022-34449 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 6.0 MEDIUM· v3 N/A· v2 PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information store...Show more PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application. Show less
CVE-2022-34448 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privile...Show more PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions. Show less
CVE-2022-34447 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and ex...Show more PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user. Show less
CVE-2022-34446 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 11, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access...Show more PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration. Show less
CVE-2022-34452 1Dell 1Powerpath Management Appliance Nov 21, 2024 Feb 10, 2023 N/A· v4 2.7 LOW· v3 N/A· v2 PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored...Show more PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs. Show less
CVE-2021-43587 1Dell 1Powerpath Management Appliance Nov 21, 2024 Dec 21, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets...Show more Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.Show less