CVE-2020-29490
moderate-risk
Published 2021-01-05
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a Denial of Service vulnerability on NAS Servers with NFS exports. A remote authenticated attacker could potentially exploit this vulnerability and cause Denial of Service (Storage Processor Panic) by sending specially crafted UDP requests.
Do I need to act?
-
0.54% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (3)
Emc Unity Vsa Operating Environment
Emc Unity Xt Operating Environment
Affected Vendors
References (2)
Vendor Advisory
https://www.dell.com/support/kbdoc/000181248
Vendor Advisory
https://www.dell.com/support/kbdoc/000181248
37
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
2/34 · Minimal
Exposure
9/34 · Low