CVE-2020-5372

moderate-risk
Published 2020-07-06

Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interface ports to external network. A remote unauthenticated attacker could potentially cause Denial of Service via test interface ports which are not used during run time environment.

Do I need to act?

-
0.66% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.6/10 High
NETWORK / LOW complexity

Affected Products (5)

Emc Powerstore 1000 Firmware
Emc Powerstore 3000 Firmware
Emc Powerstore 5000 Firmware
Emc Powerstore 7000 Firmware
Emc Powerstore 9000 Firmware

Affected Vendors

Dell

References (2)

Vendor Advisory https://www.dell.com/support/security/en-us/details/544738/DSA-2020-159-Dell-EMC...
Vendor Advisory https://www.dell.com/support/security/en-us/details/544738/DSA-2020-159-Dell-EMC...
43
/ 100
moderate-risk
Severity 29/34 · Critical
Exploitability 2/34 · Minimal
Exposure 12/34 · Low