← Back

CVE-2020-5319

nvd nist
Published: Feb 6, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence.

Affected (3)

Dell
3 products
Emc Unity Operating Environment
Emc Unity Xt Operating Environment
Emc Unityvsa Operating Environment
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Emc Unity Operating Environment
Before 5.0.2.0.5.009
Emc Unity Xt Operating Environment
Before 5.0.2.0.5.009
Emc Unityvsa Operating Environment
Before 5.0.2.0.5.009

Related CWEs

CWE-129
Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (2)

Source: security_alert@emc.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.