Overview
- Description
- Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability. An authenticated malicious user may potentially execute commands to alter or stop database statistics.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5.5
- Impact score
- 4.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:P/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:emc_unisphere_for_powermax:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84776CBA-3B9A-4059-A37A-C9A7B659D86E",
"versionEndExcluding": "9.1.0.17"
},
{
"criteria": "cpe:2.3:a:dell:emc_unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "231DD213-6699-440E-9B76-B68456140389",
"versionEndExcluding": "9.1.0.17"
},
{
"criteria": "cpe:2.3:o:dell:powermax_os:5978:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43696C46-48E8-43E4-9387-77CE1B2BD401"
}
],
"operator": "OR"
}
]
}
]