This page lists publicly disclosed CVE vulnerabilities affecting dell cloudlink (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-46424 | Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service. | [email protected] | 6.7 | 0.01% | 2025-11-05 | 2025-11-07 |
| CVE-2025-46366 | Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information. | [email protected] | 6.7 | 0.01% | 2025-11-05 | 2025-11-07 |
| CVE-2025-46365 | Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink. | [email protected] | 5.3 | 0.03% | 2025-11-05 | 2025-11-07 |
| CVE-2025-46364 | Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system. | [email protected] | 9.1 | 0.05% | 2025-11-05 | 2025-11-07 |
| CVE-2025-45379 | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system. | [email protected] | 8.4 | 0.10% | 2025-11-05 | 2025-11-07 |
| CVE-2025-45378 | Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password. | [email protected] | 9.1 | 0.05% | 2025-11-05 | 2025-11-07 |
| CVE-2025-30479 | Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system. | [email protected] | 8.4 | 0.29% | 2025-11-05 | 2025-11-07 |
| CVE-2025-26484 | Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. | [email protected] | 5.5 | 0.05% | 2025-08-14 | 2025-08-18 |
| CVE-2024-38482 | CloudLink, versions 7.1.x and 8.x, contain an Improper check or handling of Exceptional Conditions Vulnerability in Cluster Component. A highly privileged malicious user with remote access could potentially exploit this vulnerability, leading to execute unauthorized actions and retrieve sensitive information from the database. | [email protected] | 6.6 | 0.47% | 2024-08-02 | 2024-09-05 |
| CVE-2024-37137 | Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability, leading to privileged information disclosure. | [email protected] | 3.8 | 0.04% | 2024-06-28 | 2025-02-03 |
| CVE-2023-28076 | CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability leading to some information disclosure. | [email protected] | 5.9 | 0.15% | 2023-05-16 | 2024-11-21 |
| CVE-2022-34380 | Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Channel Vulnerability. A high privileged local attacker may potentially exploit this vulnerability leading to authentication bypass and access the CloudLink system console. This is critical severity vulnerability as it allows attacker to take control of the system. | [email protected] | 9.3 | 0.05% | 2022-09-01 | 2024-11-21 |
| CVE-2022-34379 | Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could potentially exploit this vulnerability to gain unauthorized access to the system. | [email protected] | 9.4 | 1.41% | 2022-09-01 | 2024-11-21 |
| CVE-2022-24414 | Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attacks. | [email protected] | 7.6 | 0.33% | 2022-05-26 | 2024-11-21 |
| CVE-2021-36313 | Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the | [email protected] | 9.1 | 1.04% | 2021-11-23 | 2024-11-21 |
| CVE-2021-36312 | Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privileged attacker, with the knowledge of the hard-coded credentials, may potentially exploit this vulnerability to gain unauthorized access to the system. | [email protected] | 9.1 | 0.21% | 2021-11-23 | 2024-11-21 |