VYPR

Unisphere for PowerMax

by Dell

CVEs (23)

  • CVE-2022-45104HigFeb 11, 2023
    risk 0.57cvss 8.8epss 0.01

    Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying…

  • CVE-2021-21531HigApr 30, 2021
    risk 0.53cvss 8.1epss 0.01

    Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. A local authenticated malicious user with monitor role may exploit this vulnerability to perform unauthorized actions.

  • CVE-2021-21548HigMar 17, 2023
    risk 0.48cvss 7.4epss 0.00

    Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially…

  • CVE-2020-5367HigJun 23, 2020
    risk 0.48cvss 7.4epss 0.01

    Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially…

  • CVE-2025-36595HigJun 27, 2025
    risk 0.47cvss 7.2epss 0.01

    Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code…

  • CVE-2022-34397MedFeb 13, 2023
    risk 0.45cvss 6.9epss 0.00

    Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass vulnerability, allowing users to perform actions in which they are not authorized.

  • CVE-2022-34363MedMay 22, 2026
    risk 0.42cvss 6.5epss 0.00

    Dell Unisphere for PowerMax vApp version prior to 10.0.0.2, contains an authorization bypass vulnerability in the  Unisphere for VMAX application running in vApp

  • CVE-2022-45103MedJan 18, 2023
    risk 0.42cvss 6.5epss 0.01

    Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file…

  • CVE-2020-5345MedJun 23, 2020
    risk 0.42cvss 6.4epss 0.01

    Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands…

  • CVE-2022-31233MedAug 31, 2022
    risk 0.41cvss 6.3epss 0.00

    Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An adjacent malicious user may potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.

  • CVE-2021-36338MedJan 21, 2022
    risk 0.41cvss 6.3epss 0.00

    Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses…

  • CVE-2020-35170MedJan 5, 2021
    risk 0.41cvss 6.3epss 0.01

    Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially…

  • CVE-2026-26357MedFeb 17, 2026
    risk 0.35cvss 5.4epss 0.00

    Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution…

  • CVE-2026-23861MedFeb 17, 2026
    risk 0.35cvss 5.4epss 0.00

    Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the…

  • CVE-2019-18588MedJan 10, 2020
    risk 0.35cvss 5.4epss 0.01

    Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially…

  • CVE-2025-27686LowApr 7, 2025
    risk 0.18cvss 2.7epss 0.00

    Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability. A high privileged attacker with remote access could…

  • CVE-2026-26358Feb 19, 2026
    risk 0.00cvss epss 0.00

    Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

  • CVE-2026-26360Feb 19, 2026
    risk 0.00cvss epss 0.00

    Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability to delete arbitrary files.

  • CVE-2026-26359Feb 19, 2026
    risk 0.00cvss epss 0.00

    Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files.

  • CVE-2026-26362Feb 19, 2026
    risk 0.00cvss epss 0.00

    Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files.

Page 1 of 2