DSA-2020-080: Dell EMC Data Protection Advisor Hard-Coded Credential Vulnerability

Den här artikeln gäller för Den här artikeln gäller inte för Den här artikeln är inte kopplad till någon specifik produkt. Alla produktversioner identifieras inte i den här artikeln.
Kolla in andra resurser

Påverkan

High

Information

Summary:    
Dell EMC Data Protection Advisor contains remediation for a hard-coded credential vulnerability that may be exploited by malicious users to compromise the affected system.

Hard-Coded Credential Vulnerability

Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1 contain a hard-coded credential vulnerability in an undocumented account with limited privileges. A remote unauthenticated malicious user with the knowledge of the hard-coded password, may log in to the system and gain read-only privileges.

  • CVE-2020-5351

7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Hard-Coded Credential Vulnerability

Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1 contain a hard-coded credential vulnerability in an undocumented account with limited privileges. A remote unauthenticated malicious user with the knowledge of the hard-coded password, may log in to the system and gain read-only privileges.

  • CVE-2020-5351

7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Dell Technologies rekommenderar att alla kunder beaktar både CVSS Base Score (baspoäng) och relevanta tidsmässiga och miljömässiga poäng som kan påverka den potentiella allvarlighetsgraden hos specifika säkerhetsrisker.

Berörda produkter och åtgärder

Affected products:    
Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1

Remediation:
The following Dell EMC Data Protection Advisor releases address this vulnerability:    

  • Dell EMC Data Protection Advisor 18.2

  • Dell EMC Data Protection Advisor 19.1

  • Dell EMC Data Protection Advisor 19.2

Dell EMC recommends all customers upgrade at the earliest opportunity.



Affected products:    
Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1

Remediation:
The following Dell EMC Data Protection Advisor releases address this vulnerability:    

  • Dell EMC Data Protection Advisor 18.2

  • Dell EMC Data Protection Advisor 19.1

  • Dell EMC Data Protection Advisor 19.2

Dell EMC recommends all customers upgrade at the earliest opportunity.



Bekräftelser

Dell EMC would like to thank Cyku from DEVCORE (https://devco.re) for reporting this vulnerability.

Relaterad information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridisk friskrivning

Berörda produkter

Data Protection Advisor

Produkter

Data Protection Advisor, Product Security Information
Artikelegenskaper
Artikelnummer: 000153683
Artikeltyp: Dell Security Advisory
Senast ändrad: 19 sep. 2025
Få svar på dina frågor från andra Dell-användare
Supporttjänster
Kontrollera om din enhet omfattas av supporttjänster.