Dell Cloudlink
By the Year
In 2024 there have been 0 vulnerabilities in Dell Cloudlink . Last year Cloudlink had 1 security vulnerability published. Right now, Cloudlink is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.50 |
| 2022 | 3 | 8.17 |
| 2021 | 2 | 8.15 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Cloudlink vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Cloudlink Security Vulnerabilities
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability
CVE-2023-28076
7.5 - High
- May 16, 2023
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure.
Use of a Broken or Risky Cryptographic Algorithm
Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability
CVE-2022-34380
8.2 - High
- September 01, 2022
Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system.
authentification
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability
CVE-2022-34379
9.8 - Critical
- September 01, 2022
Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system.
authentification
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests
CVE-2022-24414
6.5 - Medium
- May 26, 2022
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks.
Information Disclosure
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability
CVE-2021-36313
7.2 - High
- November 23, 2021
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.
Shell injection
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability
CVE-2021-36312
9.1 - Critical
- November 23, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system.
Use of Hard-coded Password
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Cloudlink or by Dell? Click the Watch button to subscribe.
