Vulnerabilities > CVE-2020-5351 - Unspecified vulnerability in Dell EMC Data Protection Advisor 18.1/6.4/6.5

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

dell

NVD

Published: 2021-07-28

Updated: 2022-09-20

Summary

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only privileges.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell EMC Data Protection Advisor 6.4 Dell EMC Data Protection Advisor 6.5 Dell EMC Data Protection Advisor 18.1	3

References

https://www.dell.com/support/security/en-us/details/542649/DSA-2020-080-Dell-EMC-Data-Protection-Advisor-Hard-Coded-Credential-Vulnerability