CVE-2020-5367

Name of the Vulnerable Software and Affected Versions Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17 Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17 PowerMax OS Release 5978

Description The issue is related to an improper certificate validation, which could allow an unauthenticated remote attacker to carry out a man-in-the-middle attack. This is done by supplying a crafted certificate, enabling the attacker to intercept the victim's traffic, and potentially view or modify the victim's data in transit.

Recommendations For Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, update to version 9.1.0.17 or later. For Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, update to version 9.1.0.17 or later. For PowerMax OS Release 5978, update to a release that includes the fix for this issue.