PT-2021-12397 · Dell Emc · Dell Emc Data Protection Advisor

Published: 2021-07-28 · Updated: 2022-09-20 · CVE-2020-5351

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1

Description: The issue concerns an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with knowledge of the hard-coded password may log in to the system and gain read-only privileges.

Recommendations: For versions 6.4, 6.5, and 18.1, consider changing the hard-coded password of the undocumented account to a unique and secure password to prevent unauthorized access. As a temporary workaround, restrict access to the system to minimize the risk of exploitation until a more permanent solution is available. Avoid using the default configuration that includes the hard-coded password for the undocumented account.

Related Identifiers: CVE-2020-5351

Affected Products: Dell Emc Data Protection Advisor