VYPR

Powerstore

by Webassist

CVEs (20)

  • CVE-2023-32478Jul 21, 2023
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. A high privileged malicious user could potentially exploit this vulnerability, leading to sensitive information disclosure.

  • CVE-2023-32449Jun 22, 2023
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks

  • CVE-2022-26870Oct 21, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.02

    Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability under specific configuration. An attacker would gain unauthorized access upon successful exploit.

  • CVE-2022-33923Jul 20, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying…

  • CVE-2022-32498Jul 20, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore, Versions prior to v3.0.0.0 contain a DLL Hijacking vulnerability in PSTCLI. A local attacker can potentially exploit this vulnerability to execute arbitrary code, escalate privileges, and bypass software allow list solutions, leading to system takeover or IP…

  • CVE-2022-31234Jul 20, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.01

    Dell EMC PowerStore, contain(s) an Improper Restriction of Excessive Authentication Attempts Vulnerability in PowerStore Manager GUI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is possible…

  • CVE-2022-22555Jul 20, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.01

    Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable…

  • CVE-2022-26869Jun 2, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.03

    Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.

  • CVE-2022-26868Jun 2, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the…

  • CVE-2022-26867Jun 2, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    PowerStore SW v2.1.1.0 supports the option to export data to either a CSV or an XLSX file. The data is taken as is, without any validation or sanitization. It allows a malicious, authenticated user to inject payloads that might get interpreted as formulas by the corresponding…

  • CVE-2022-26866Jun 2, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell PowerStore Versions before v2.1.1.0. contains a Stored Cross-Site Scripting vulnerability. A high privileged network attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When…

  • CVE-2022-22557Jun 2, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker…

  • CVE-2022-22556Jun 2, 2022
    Webassist
    Powerstore
    risk 0.00cvss epss 0.01

    Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service.

  • CVE-2020-29503Jul 19, 2021
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory.

  • CVE-2020-29499Jul 19, 2021
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore…

  • CVE-2020-29502Jan 5, 2021
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The…

  • CVE-2020-29501Jan 5, 2021
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The…

  • CVE-2020-29500Jan 5, 2021
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The…

  • CVE-2020-5372Jul 6, 2020
    Webassist
    Powerstore
    risk 0.00cvss epss 0.01

    Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.

  • CVE-2010-3420Sep 16, 2010
    Webassist
    Powerstore
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability in Products_Results.php in PowerStore 3.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_WADAProducts parameter.