CVE-2020-5345

MEDIUM

Dell EMC Unisphere for PowerMax < 9.1.0.17 - Authenticated Authorization Bypass

Title source: llm

Description

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance

Scores

CVSS v3 6.4

EPSS 0.0075

EPSS Percentile 49.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Details

CWE

CWE-862 CWE-602

Status published

Products (3)

dell/emc_unisphere_for_powermax < 9.1.0.17

dell/emc_unisphere_for_powermax_virtual_appliance < 9.1.0.17

dell/powermax_os 5978

Published Jun 23, 2020

Tracked Since Feb 18, 2026