CVE-2020-5345
23.06.2020, 20:15
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | emc_unisphere_for_powermax | 𝑥 < 9.1.0.17 |
| dell | emc_unisphere_for_powermax_virtual_appliance | 𝑥 < 9.1.0.17 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| dell | unisphere_for_powermax | 𝑥 < 9.1.0.17 | CNA |
Common Weakness Enumeration
- CWE-602 - Client-Side Enforcement of Server-Side SecurityThe product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
- CWE-862 - Missing AuthorizationThe software does not perform an authorization check when an actor attempts to access a resource or perform an action.
References