VYPR

Emc Data Protection Advisor

by Dell

CVEs (11)

  • CVE-2017-8013CriMar 16, 2018
    risk 0.64cvss 9.8epss 0.02

    EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with…

  • CVE-2018-11048HigAug 10, 2018
    risk 0.53cvss 8.1epss 0.02

    Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit…

  • CVE-2018-1206HigMar 12, 2018
    risk 0.51cvss 7.8epss 0.00

    Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. The affected account is "apollosuperuser." An attacker with local access to…

  • CVE-2016-8211HigFeb 3, 2017
    risk 0.49cvss 7.5epss 0.03

    EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users…

  • CVE-2025-46699Jan 23, 2026
    risk 0.00cvss epss 0.00

    Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information…

  • CVE-2024-28974May 29, 2024
    risk 0.00cvss epss 0.00

    Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

  • CVE-2022-33935Aug 30, 2022
    risk 0.00cvss epss 0.00

    Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user…

  • CVE-2020-5351Jul 28, 2021
    risk 0.00cvss epss 0.01

    Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and…

  • CVE-2020-5352Jul 6, 2020
    risk 0.00cvss epss 0.03

    Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system.

  • CVE-2019-18582Mar 18, 2020
    risk 0.00cvss epss 0.05

    Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may…

  • CVE-2019-18581Mar 18, 2020
    risk 0.00cvss epss 0.04

    Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may…