CVE-2020-5345

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.

Published: Jun 23, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-5345
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

CVSS v2:

Severity: Medium
Score: 5.5
AV:N/AC:L/Au:S/C:N/I:P/A:P

CWEs:

CWE-862

Affected Software
References

Software	From	Fixed in
dell / powermax_os	5978	5978.x
dell / emc_unisphere_for_powermax_virtual_appliance	-	9.1.0.17
dell / emc_unisphere_for_powermax	-	9.1.0.17

https://www.dell.com/support/security/en-us/details/544585/DSA-2020-065-Dell-EMC-Unisphere-for-PowerMax-Dell-EMC-Unisphere-for-PowerMax-Virtual-Appliance

Vulnerability Database

289,599

CVE-2020-5345