ID
VAR-202007-1292
CVE
CVE-2020-5352
TITLE
Dell EMC Data Protection Advisor In OS Command injection vulnerabilities
Trust: 0.8
sources:
JVNDB: JVNDB-2020-007623
DESCRIPTION
Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system. (DoS) It may be put into a state. The product supports functions such as data backup, data recovery, and data replication management
Trust: 1.71
sources:
NVD: CVE-2020-5352 //
JVNDB: JVNDB-2020-007623 //
VULHUB: VHN-183477
AFFECTED PRODUCTS
| vendor: | dell | model: | emc data protection advisor | scope: | eq | version: | 6.5 | Trust: 1.0 |
| vendor: | dell | model: | emc data protection advisor | scope: | eq | version: | 18.1 | Trust: 1.0 |
| vendor: | dell | model: | emc data protection advisor | scope: | eq | version: | 6.4 | Trust: 1.0 |
| vendor: | dell emc old emc | model: | data protection advisor | scope: | eq | version: | 18.1 | Trust: 0.8 |
| vendor: | dell emc old emc | model: | data protection advisor | scope: | eq | version: | 6.4 | Trust: 0.8 |
| vendor: | dell emc old emc | model: | data protection advisor | scope: | eq | version: | 6.5 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-007623 //
NVD: CVE-2020-5352
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-183477 //
JVNDB: JVNDB-2020-007623 //
CNNVD: CNNVD-202007-259 //
NVD: CVE-2020-5352 //
NVD: CVE-2020-5352
PROBLEMTYPE DATA
| problemtype: | CWE-78 | Trust: 1.9 |
sources:
VULHUB: VHN-183477 //
JVNDB: JVNDB-2020-007623 //
NVD: CVE-2020-5352
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202007-259
TYPE
operating system commend injection
Trust: 0.6
sources:
CNNVD: CNNVD-202007-259
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-007623
PATCH
| title: | DSA-2020-081: Dell EMC Data Protection Advisor OS Command Injection Vulnerability | url: | https://www.dell.com/support/security/en-us/details/542719/DSA-2020-081-Dell-EMC-Data-Protection-Advisor-OS-Command-Injection-Vulnerability | Trust: 0.8 |
| title: | Dell EMC Data Protection Advisor Fixes for operating system command injection vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123160 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-007623 //
CNNVD: CNNVD-202007-259
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-5352 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2020-007623 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202007-259 | Trust: 0.7 |
| db: | NSFOCUS | id: | 47110 | Trust: 0.6 |
| db: | CNVD | id: | CNVD-2020-50496 | Trust: 0.1 |
| db: | VULHUB | id: | VHN-183477 | Trust: 0.1 |
sources:
VULHUB: VHN-183477 //
JVNDB: JVNDB-2020-007623 //
CNNVD: CNNVD-202007-259 //
NVD: CVE-2020-5352
REFERENCES
| url: | https://www.dell.com/support/security/en-us/details/542719/dsa-2020-081-dell-emc-data-protection-advisor-os-command-injection-vulnerability | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-5352 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5352 | Trust: 0.8 |
| url: | http://www.nsfocus.net/vulndb/47110 | Trust: 0.6 |
sources:
VULHUB: VHN-183477 //
JVNDB: JVNDB-2020-007623 //
CNNVD: CNNVD-202007-259 //
NVD: CVE-2020-5352
SOURCES
| db: | VULHUB | id: | VHN-183477 |
| db: | JVNDB | id: | JVNDB-2020-007623 |
| db: | CNNVD | id: | CNNVD-202007-259 |
| db: | NVD | id: | CVE-2020-5352 |
LAST UPDATE DATE
2024-11-23T22:05:33.344000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-183477 | date: | 2020-07-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-007623 | date: | 2020-08-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-202007-259 | date: | 2020-07-14T00:00:00 |
| db: | NVD | id: | CVE-2020-5352 | date: | 2024-11-21T05:33:58.040 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-183477 | date: | 2020-07-06T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-007623 | date: | 2020-08-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-202007-259 | date: | 2020-07-06T00:00:00 |
| db: | NVD | id: | CVE-2020-5352 | date: | 2020-07-06T18:15:20.637 |