CVE-2020-29499

MEDIUM

Dell EMC PowerStore <1.0.3.0.5.006 - Command Injection

Title source: llm
STIX 2.1

Description

Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/000180775

Scores

CVSS v3 6.4
EPSS 0.0016
EPSS Percentile 36.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
dell/emc_powerstore < 1.0.3.0.5.007
Published Jul 19, 2021
Tracked Since Feb 18, 2026