Dell Cloudlink
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Dell Cloudlink.
By the Year
In 2026 there have been 0 vulnerabilities in Dell Cloudlink. Last year, in 2025 Cloudlink had 8 security vulnerabilities published. Right now, Cloudlink is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 8 | 7.33 |
| 2024 | 2 | 6.35 |
| 2023 | 1 | 7.50 |
| 2022 | 3 | 8.17 |
| 2021 | 2 | 8.15 |
It may take a day or so for new Cloudlink vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Cloudlink Security Vulnerabilities
Dell CloudLink 8.1.1 CVE-2025-46366: Privileged Escalation & DB Access
CVE-2025-46366
6.7 - Medium
- November 05, 2025
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.
Unprotected Storage of Credentials
Dell CloudLink <8.2 CRYPTO Primitive Risky Impl. DoS
CVE-2025-46424
6.7 - Medium
- November 05, 2025
Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service.
Use of a Risky Cryptographic Primitive
Dell CloudLink <8.1.1 Authenticated Command Injection Vulnerability
CVE-2025-46365
5.3 - Medium
- November 05, 2025
Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink.
Command Injection
Dell CloudLink 8.1.1 CLI Escape Vulnerability Privileged User
CVE-2025-46364
9.1 - Critical
- November 05, 2025
Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system.
Improper Privilege Management
Dell CloudLink <=8.1: Privileged Command Injection via Console
CVE-2025-45379
8.4 - High
- November 05, 2025
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system.
Shell injection
Dell CloudLink <8.2 Command Injection via Privileged User
CVE-2025-30479
8.4 - High
- November 05, 2025
Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system.
Shell injection
Dell CloudLink 8.0-8.1.2 Restricted Shell Privilege Escalation
CVE-2025-45378
9.1 - Critical
- November 05, 2025
Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.
Shell injection
Dell CloudLink 8.0-8.1.1 XXE Improper Restriction, DoS risk
CVE-2025-26484
4.9 - Medium
- August 14, 2025
Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.
XXE
CloudLink 7.1.x/8.x Improper Exception Handling in Cluster (CVE202438482)
CVE-2024-38482
7.2 - High
- August 02, 2024
CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database.
Improper Check or Handling of Exceptional Conditions
Dell Key Trust Platform 3.0.6 Local Privileged Info Disclosure via Crypto Impl
CVE-2024-37137
5.5 - Medium
- June 28, 2024
Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
CloudLink <7.1.2 vulnerable to broken crypto info disclosure
CVE-2023-28076
7.5 - High
- May 16, 2023
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
Dell CloudLink 7.1.3 Auth Bypass via Alt Path
CVE-2022-34380
8.2 - High
- September 01, 2022
Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.
authentification
Auth Bypass in Dell EMC CloudLink <7.1.2
CVE-2022-34379
9.8 - Critical
- September 01, 2022
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system.
authentification
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests
CVE-2022-24414
6.5 - Medium
- May 26, 2022
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks.
Information Disclosure
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability
CVE-2021-36313
7.2 - High
- November 23, 2021
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.
Shell injection
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability
CVE-2021-36312
9.1 - Critical
- November 23, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system.
Use of Hard-coded Password
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Cloudlink or by Dell? Click the Watch button to subscribe.
