Dell Powerpath Management Appliance

Do you want an email whenever new security vulnerabilities are reported in Dell Powerpath Management Appliance?

By the Year

In 2024 there have been 0 vulnerabilities in Dell Powerpath Management Appliance . Last year Powerpath Management Appliance had 7 security vulnerabilities published. Right now, Powerpath Management Appliance is on track to have less security vulnerabilities in 2024 than it did last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	7	6.33
2022	0	0.00
2021	1	6.70
2020	0	0.00
2019	0	0.00
2018	0	0.00

It may take a day or so for new Powerpath Management Appliance vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Dell Powerpath Management Appliance Security Vulnerabilities

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Stored Cross-site Scripting Vulnerability

CVE-2022-34451 4.8 - Medium - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability. An authenticated admin user could potentially exploit this vulnerability, to hijack user sessions or trick a victim application user into unknowingly send arbitrary requests to the server.

XSS

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability

CVE-2022-34450 6.7 - Medium - February 11, 2023

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root.

PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability

CVE-2022-34449 6 - Medium - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability. Authenticated admin users can exploit the issue that leads to view and modifying sensitive information stored in the application.

Use of Hard-coded Credentials

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains a Cross-site Request Forgery vulnerability

CVE-2022-34448 8.8 - High - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions.

Session Riding

PowerPath Management Appliance with versions 3.3 & 3.2, 3.1 & 3.0 contains OS Command Injection vulnerability

CVE-2022-34447 7.2 - High - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user.

Shell injection

PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability

CVE-2022-34446 8.1 - High - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration.

PowerPath Management Appliance with versions 3.3, 3.2, 3.1 & 3.0 contains sensitive information disclosure vulnerability

CVE-2022-34452 2.7 - Low - February 10, 2023

PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. An Authenticated admin user can able to exploit the issue and view sensitive information stored in the logs.

Exposure of Resource to Wrong Sphere

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key

CVE-2021-43587 6.7 - Medium - December 21, 2021

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges.

Use of Hard-coded Cryptographic Key

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Dell Powerpath Management Appliance or by Dell? Click the Watch button to subscribe.

Dell
Vendor

Dell Powerpath Management Appliance
Product

Dell Powerpath Management Appliance

By the Year

Recent Dell Powerpath Management Appliance Security Vulnerabilities

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Stored Cross-site Scripting Vulnerability CVE-2022-34451 4.8 - Medium - February 11, 2023

PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability CVE-2022-34450 6.7 - Medium - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys vulnerability CVE-2022-34449 6 - Medium - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability CVE-2022-34448 8.8 - High - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability CVE-2022-34447 7.2 - High - February 11, 2023

PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability CVE-2022-34446 8.1 - High - February 11, 2023

PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability CVE-2022-34452 2.7 - Low - February 10, 2023

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key CVE-2021-43587 6.7 - Medium - December 21, 2021