Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:dell:emc_data_protection_advisor:6.2:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-33935 |
Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, an attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted application data store. When a victim user accesses the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. Published: August 30, 2022; 5:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2018-11048 |
Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to read certain system files in the server or cause denial of service by supplying specially crafted Document Type Definitions (DTDs) in an XML request. Published: August 10, 2018; 4:29:00 PM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 5.5 MEDIUM |
CVE-2016-8211 |
EMC Data Protection Advisor 6.1.x, EMC Data Protection Advisor 6.2, EMC Data Protection Advisor 6.2.1, EMC Data Protection Advisor 6.2.2, EMC Data Protection Advisor 6.2.3 prior to patch 446 has a path traversal vulnerability that may potentially be exploited by malicious users to compromise the affected system. Published: February 03, 2017; 2:59:00 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |