CVE-2020-5345 MEDIUM

CVE-2020-5345

Vendor Dell
Product Unisphere for PowerMax
Weakness CWE-602 · Client-side enforcement
Published June 23, 2020
Last update September 17, 2024

CVSS base score

6.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

What the vulnerability does

01Description

Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.

Key dates

02Disclosure timeline

June 23, 2020 CVE published
September 17, 2024 Record updated