CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5385

Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.3%

CVSS Severity

CVSS v3 Score 6.7

CVSS v2 Score 7.2

References

Products affected by CVE-2020-5385

Dell » Encryption » Version: N/A

cpe:2.3:a:dell:encryption:-
Dell » Encryption » Version: 10.4.0

cpe:2.3:a:dell:encryption:10.4.0
Dell » Endpoint Security Suite Enterprise » Version: 2.0.1

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.0.1
Dell » Endpoint Security Suite Enterprise » Version: 2.4.0

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.4.0
Dell » Endpoint Security Suite Enterprise » Version: 2.7

cpe:2.3:a:dell:endpoint_security_suite_enterprise:2.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5385

Products

Pricing

Contact Us