8.1
CVE-2020-5330
- EPSS 20.57%
- Veröffentlicht 10.04.2020 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:33:55
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability. A remote unauthenticated attacker could exploit this vulnerability to retrieve sensitive data by sending a specially crafted request to the affected endpoints.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ R1-2210 Firmware Version <= 3.0.1.2
Dell ≫ R1-2401 Firmware Version <= 3.0.1.2
Dell ≫ Pc5500 Firmware Version <= 4.1.0.22
Dell ≫ X1000 Firmware Version <= 2.0.0.77
Dell ≫ X4012 Firmware Version <= 2.0.0.77
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 20.57% | 0.954 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| security_alert@emc.com | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.