CVE-2020-5345 Vulnerability Details

  /     /     /  

CVE-2020-5345 Metadata Quick Info

CVE Published: 23/06/2020 | CVE Updated: 17/09/2024 | CVE Year: 2020
Source: dell | Vendor: Dell | Product: Unisphere for PowerMax
Status : PUBLISHED

---

CVE-2020-5345 Description

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.

Metrics

CVSS Version: 3.1 | Base Score: 6.4 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* LOW
    User Interaction (UI)* NONE
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* LOW
    Availability Impact (A)* LOW

Weakness Enumeration (CWE)

CWE-ID: CWE-602
CWE Name: CWE-602: Client-Side Enforcement of Server-Side Security
Source: Dell

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).