High
Third-party Component | CVEs | More Information |
---|---|---|
cpio | CVE-2023-7207 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
docker | CVE-2024-23651, CVE-2024-23653, CVE-2024-23652 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
gnutls | CVE-2024-0553, CVE-2023-5981 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
kernel | CVE-2021-46955, CVE-2021-47041, CVE-2021-47074, CVE-2021-47113, CVE-2021-47131, CVE-2021-47184, CVE-2021-47185, CVE-2021-47194, CVE-2021-47198, CVE-2021-47201, CVE-2021-47203, CVE-2021-47206, CVE-2021-47207, CVE-2021-47212, CVE-2022-48631, CVE-2022-48651, CVE-2022-48654, CVE-2022-48687, CVE-2023-2860, CVE-2023-6270, CVE-2024-0639, CVE-2024-0841, CVE-2024-22099, CVE-2024-23307, CVE-2024-26688, CVE-2024-26689, CVE-2024-26733, CVE-2024-26739, CVE-2024-26744, CVE-2024-26816, CVE-2024-26840, CVE-2024-26852, CVE-2024-26862, CVE-2024-26898, CVE-2024-26903, CVE-2024-26906, CVE-2024-27043 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
krb5 | CVE-2024-26458, CVE-2024-26461 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
less | CVE-2024-32487 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libssh | CVE-2020-1730, CVE-2023-6918, CVE-2023-1667, CVE-2023-48795, CVE-2023-6004, CVE-2020-16135, CVE-2019-14889, CVE-2023-2283, CVE-2021-3634 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
libxml2 | CVE-2024-25062 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
nghttp2 | CVE-2024-28182 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
module-tools | CVE-2023-1829, CVE-2023-23559 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
mozilla-nss | CVE-2023-5388 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
OpenJDK | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
OpenSSH | CVE-2023-51385 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
OpenSSL | CVE-2024-2511 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
pam | CVE-2024-22365 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
perl | CVE-2018-6913, CVE-2017-6512, CVE-2018-6798, CVE-2023-31484 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
postgresql | CVE-2024-0985 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
python | CVE-2023-52425, CVE-2024-0450 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
runc | CVE-2024-21626 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
sudo | CVE-2023-42465 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
util-linux | CVE-2024-28085 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
vim | CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667, CVE-2023-4750 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
xen-libs | CVE-2023-46839 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-42429 | Dell PowerStore contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized access and modification of application data" | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2024-30476 | PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser. | 5.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-42429 | Dell PowerStore contains an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized access and modification of application data" | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVE-2024-30476 | PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could lead to script execution in the client browser. | 5.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
PowerStore 500T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/en-us/product-support/product/powerstore-500t/drivers |
PowerStore 1000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-1000t/drivers |
PowerStore 1200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-1200t/drivers |
PowerStore 3000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-3000t/drivers |
PowerStore 3200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-3200t/drivers |
PowerStore 5000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-5000t/drivers |
PowerStore 5200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-5200t/drivers |
PowerStore 7000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-7000t/drivers |
PowerStore 9000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-9000t/drivers |
PowerStore 9200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-9200t/drivers |
Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|
PowerStore 500T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/en-us/product-support/product/powerstore-500t/drivers |
PowerStore 1000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-1000t/drivers |
PowerStore 1200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-1200t/drivers |
PowerStore 3000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-3000t/drivers |
PowerStore 3200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-3200t/drivers |
PowerStore 5000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-5000t/drivers |
PowerStore 5200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-5200t/drivers |
PowerStore 7000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-7000t/drivers |
PowerStore 9000T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-9000t/drivers |
PowerStore 9200T | PowerStoreT OS | Versions prior to 3.6.1.3-2369400 | Version 3.6.1.3-2369400 and later | https://www.dell.com/support/home/product-support/product/powerstore-9200t/drivers |
None
Revision | Date | Description |
---|---|---|
1.0 | 2024-09-26 | Initial Release |
2.0 | 2024-09-27 | Formatting change |