PT-2020-18436 · Dell Emc · Dell Emc Powerstore

Published

2020-07-06

Updated

2020-07-13

CVE-2020-5372

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Dell EMC PowerStore versions prior to 1.0.1.0.5.002

Description The issue exposes test interface ports to the external network, allowing a remote unauthenticated attacker to potentially cause Denial of Service via these ports, which are not used during the runtime environment.

Recommendations For versions prior to 1.0.1.0.5.002, update to version 1.0.1.0.5.002 or later to resolve the issue. As a temporary workaround, consider restricting access to the test interface ports to minimize the risk of exploitation.

Fix

Incorrect Authorization

Unsafe Debug Access Level

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-1244

Related Identifiers

CVE-2020-5372

Affected Products

Dell Emc Powerstore

PT-2020-18436 · Dell Emc · Dell Emc Powerstore

CVE-2020-5372

Weakness Enumeration

Related Identifiers

Affected Products

References · 4