CVE-2020-29490

Published: Jan 5, 2021Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a Denial of Service vulnerability on NAS Servers with NFS exports. A remote authenticated attacker could potentially exploit this vulnerability and cause Denial of Service (Storage Processor Panic) by sending specially crafted UDP requests.

Affected (3)

Products: Dell: Emc Unity Operating Environment, Emc Unity Vsa Operating Environment, Emc Unity Xt Operating Environment

Dell

3 products

Emc Unity Operating Environment

Emc Unity Vsa Operating Environment

Emc Unity Xt Operating Environment

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Unity Operating Environment	Before 5.0.4.0.5.012
Dell Emc Unity Vsa Operating Environment	Before 5.0.4.0.5.012
Dell Emc Unity Xt Operating Environment	Before 5.0.4.0.5.012

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://www.dell.com/support/kbdoc/000181248

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/000181248

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.