CVE-2020-35170

MEDIUM

Dell EMC Unisphere for PowerMax <9.1.0.9, <9.0.2.16 & 5978.221.221,...

Title source: llm
STIX 2.1

Description

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users’ sessions.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/000181212

Scores

CVSS v3 6.3
EPSS 0.0029
EPSS Percentile 52.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-79
Status published
Products (3)
dell/powermax_os 5978.221.221
dell/powermax_os 5978.479.479
dell/unisphere < 9.1.0.24
Published Jan 05, 2021
Tracked Since Feb 18, 2026