CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5350

Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. A remote authenticated malicious user with root privileges could inject parameters in the ACM component APIs that could lead to manipulation of passwords and execution of malicious commands on ACM component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.4%

CVSS Severity

CVSS v3 Score 7.9

CVSS v2 Score 9.0

References

Products affected by CVE-2020-5350

Dell » Emc Integrated Data Protection Appliance » Version: 2.0

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.0
Dell » Emc Integrated Data Protection Appliance » Version: 2.1

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.1
Dell » Emc Integrated Data Protection Appliance » Version: 2.2

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.2
Dell » Emc Integrated Data Protection Appliance » Version: 2.3

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.3
Dell » Emc Integrated Data Protection Appliance » Version: 2.4

cpe:2.3:a:dell:emc_integrated_data_protection_appliance:2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5350

Products

Pricing

Contact Us