Vulnerability Database

322,573

Total vulnerabilities in the database

CVE-2020-5341

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated attacker could exploit this vulnerability to send a serialized payload that would execute code on the system.

Published: Jul 28, 2021
Updated: Nov 16, 2025
CVE: CVE-2020-5341
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-502

OWASP TOP 10:

A8 - Insecure Deserialization

Affected Software
References

Software	From	Fixed in
dell / emc_integrated_data_protection_appliance_firmware	2.1	2.1.x
dell / emc_integrated_data_protection_appliance_firmware	2.2	2.2.x
dell / emc_integrated_data_protection_appliance_firmware	2.0	2.0.x
dell / emc_avamar_server	7.4.1	7.4.1.x
dell / emc_avamar_server	7.5.0	7.5.0.x
dell / emc_avamar_server	7.5.1	7.5.1.x
dell / emc_avamar_server	18.2	18.2.x
dell / emc_avamar_server	19.1	19.1.x
dell / emc_integrated_data_protection_appliance_firmware	2.4	2.4.x
dell / emc_integrated_data_protection_appliance_firmware	2.3	2.3.x
dell / emc_avamar_server	19.2	19.2.x
dell / emc_integrated_data_protection_appliance_firmware	2.4.1	2.4.1.x
dell / emc_avamar_server	18.1	18.1.x

https://www.dell.com/support/security/en-us/details/541677/DSA-2020-057-Dell-EMC-Avamar-Server-Deserialization-of-Untrusted-Data-Vulnerability

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo