Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

High

Détails

Summary:    
Dell EMC Data Protection Advisor contains remediation for a hard-coded credential vulnerability that may be exploited by malicious users to compromise the affected system.

Hard-Coded Credential Vulnerability

Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1 contain a hard-coded credential vulnerability in an undocumented account with limited privileges. A remote unauthenticated malicious user with the knowledge of the hard-coded password, may log in to the system and gain read-only privileges.

  • CVE-2020-5351

7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Hard-Coded Credential Vulnerability

Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1 contain a hard-coded credential vulnerability in an undocumented account with limited privileges. A remote unauthenticated malicious user with the knowledge of the hard-coded password, may log in to the system and gain read-only privileges.

  • CVE-2020-5351

7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Affected products:    
Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1

Remediation:
The following Dell EMC Data Protection Advisor releases address this vulnerability:    

  • Dell EMC Data Protection Advisor 18.2

  • Dell EMC Data Protection Advisor 19.1

  • Dell EMC Data Protection Advisor 19.2

Dell EMC recommends all customers upgrade at the earliest opportunity.



Affected products:    
Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1

Remediation:
The following Dell EMC Data Protection Advisor releases address this vulnerability:    

  • Dell EMC Data Protection Advisor 18.2

  • Dell EMC Data Protection Advisor 19.1

  • Dell EMC Data Protection Advisor 19.2

Dell EMC recommends all customers upgrade at the earliest opportunity.



Remerciements

Dell EMC would like to thank Cyku from DEVCORE (https://devco.re) for reporting this vulnerability.

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Data Protection Advisor

Produits

Data Protection Advisor, Product Security Information
Propriétés de l’article
Numéro d’article: 000153683
Type d’article: Dell Security Advisory
Dernière modification: 19 sept. 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.