Dell Cloudlink
20 CVEs affecting Dell Cloudlink. Latest disclosed: 2025-11-05. Critical: 5, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-34379 | Critical | 9.4 | 2022-09-01 | Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory u… |
CVE-2022-34380 | Critical | 9.3 | 2022-09-01 | Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attack… |
CVE-2025-45378 | Critical | 9.1 | 2025-11-05 | Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of Cl… |
CVE-2021-36313 | Critical | 9.1 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vu… |
CVE-2021-36312 | Critical | 9.1 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-co… |
CVE-2025-45379 | High | 8.4 | 2025-11-05 | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell… |
CVE-2025-30479 | High | 8.4 | 2025-11-05 | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. |
CVE-2022-24414 | High | 7.6 | 2022-05-26 | Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server… |
CVE-2021-36314 | High | 7.1 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary File Creation Vulnerability. A remote unauthenticated attacker, may potentially exploit this… |
CVE-2025-46366 | Medium | 6.7 | 2025-11-05 | Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the da… |
CVE-2025-46424 | Medium | 6.7 | 2025-11-05 | Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could pot… |
CVE-2024-38482 | Medium | 6.6 | 2024-08-02 | CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged mali… |
CVE-2023-28076 | Medium | 5.9 | 2023-05-16 | CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially e… |
CVE-2021-36334 | Medium | 5.9 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A remote high privileged attacker, may potentially exploit this vu… |
CVE-2025-26484 | Medium | 5.5 | 2025-08-14 | Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with re… |
CVE-2021-36333 | Medium | 5.5 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflow Vulnerability. A local low privileged attacker, may potentially exploit this vulnerabil… |
CVE-2021-36332 | Medium | 5.4 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit… |
CVE-2025-46365 | Medium | 5.3 | 2025-11-05 | Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection… |
CVE-2021-36335 | Medium | 4.3 | 2021-11-23 | Dell EMC CloudLink 7.1 and all prior versions contain an Improper Input Validation Vulnerability. A remote low privileged attacker, may potentially exploit thi… |
CVE-2024-37137 | Low | 3.8 | 2024-06-28 | Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker cou… |