VxRail
by Dell
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-5368 | Cri | 0.64 | 9.8 | 0.01 | Jul 6, 2020 | Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form. | ||
| CVE-2022-46756 | Hig | 0.53 | 8.2 | 0.00 | Feb 1, 2023 | Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system… | ||
| CVE-2025-21111 | Hig | 0.49 | 7.5 | 0.00 | Jan 8, 2025 | Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||
| CVE-2025-21102 | Hig | 0.49 | 7.5 | 0.00 | Jan 8, 2025 | Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||
| CVE-2024-39575 | Hig | 0.48 | 7.4 | 0.00 | Jun 16, 2026 | update_disk_psu_baseline.sh requires password in plain text | ||
| CVE-2021-21508 | Med | 0.44 | 6.7 | 0.00 | May 22, 2026 | Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access… | ||
| CVE-2023-23693 | Med | 0.44 | 6.7 | 0.00 | May 23, 2023 | Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's… | ||
| CVE-2023-23694 | Med | 0.31 | 4.7 | 0.01 | May 23, 2023 | Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with… | ||
| CVE-2023-32463 | Low | 0.22 | 3.4 | 0.00 | Jun 23, 2023 | Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. | ||
| CVE-2023-32464 | Low | 0.18 | 2.7 | 0.00 | Jun 23, 2023 | Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the… |
- risk 0.64cvss 9.8epss 0.01
Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form.
- risk 0.53cvss 8.2epss 0.00
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system…
- risk 0.49cvss 7.5epss 0.00
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
- risk 0.49cvss 7.5epss 0.00
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
- risk 0.48cvss 7.4epss 0.00
update_disk_psu_baseline.sh requires password in plain text
- risk 0.44cvss 6.7epss 0.00
Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access…
- risk 0.44cvss 6.7epss 0.00
Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's…
- risk 0.31cvss 4.7epss 0.01
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with…
- risk 0.22cvss 3.4epss 0.00
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
- risk 0.18cvss 2.7epss 0.00
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the…