PT-2020-18417 · Dell Emc · Dell Emc Unisphere For Powermax+2

Published

2020-06-23

Updated

2020-07-02

CVE-2020-5345

CVSS v3.1

6.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17 Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17 PowerMax OS Release 5978

Description The issue allows an authenticated malicious user to potentially execute commands, which could alter or stop database statistics, due to an authorization bypass.

Recommendations For Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, update to version 9.1.0.17 or later. For Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, update to version 9.1.0.17 or later. For PowerMax OS Release 5978, update to a release that contains the fix for this issue.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-602CWE-862

Related Identifiers

CVE-2020-5345

Affected Products

Dell Emc Unisphere For Powermax

Dell Emc Unisphere For Vmax Virtual Appliance

Powermax Os

PT-2020-18417 · Dell Emc · Dell Emc Unisphere For Powermax+2

CVE-2020-5345

Weakness Enumeration

Related Identifiers

Affected Products

References · 3