Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-5330

Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability. A remote unauthenticated attacker could exploit this vulnerability to retrieve sensitive data by sending a specially crafted request to the affected endpoints.

Published

2020-04-10T19:15:13.413

Last Modified

2024-11-21T05:33:55.537

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-200
  • Type: Secondary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System dell r1-2210_firmware ≤ 3.0.1.2 Yes
Hardware dell r1-2210 - No
Operating System dell r1-2401_firmware ≤ 3.0.1.2 Yes
Hardware dell r1-2401 - No
Operating System dell pc5500_firmware ≤ 4.1.0.22 Yes
Hardware dell pc5500 - No
Operating System dell x1000_firmware ≤ 2.0.0.77 Yes
Hardware dell x1000 - No
Operating System dell x4012_firmware ≤ 2.0.0.77 Yes
Hardware dell x4012 - No
References