CVE-2020-5319

HIGH

Dell EMC Unity/Unity XT/UnityVSA < 5.0.2.0.5.009 - Unauthenticated DoS via SSH

Title source: llm

Description

Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/security/en-us/details/540336/DSA-2020-019-Dell-EMC-Unity-Family-Dell-EMC-Unity-XT-Family-Denial-of-Service-Vulnerability

Scores

CVSS v3 7.5

EPSS 0.0106

EPSS Percentile 77.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-129

Status published

Products (3)

dell/emc_unity_operating_environment < 5.0.2.0.5.009

dell/emc_unity_xt_operating_environment < 5.0.2.0.5.009

dell/emc_unityvsa_operating_environment < 5.0.2.0.5.009

Published Feb 06, 2020

Tracked Since Feb 18, 2026