7.8
CVSSv2

CVE-2020-5319

Published: 06/02/2020 Updated: 12/02/2020
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions before 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence.

Vulnerability Trend

Affected Products

Vendor Product Versions
DellEmc Unity Operating Environment4.0.0.7329527, 4.0.1.8194551, 4.0.1.8320161, 4.0.1.8404134, 4.0.2.8627717, 4.1.0.8940590, 4.1.0.8959731, 4.1.0.9058043, 4.1.1.9138882, 4.1.2.9257522, 4.2.0.9392909, 4.2.0.9476662, 4.2.1.9535982, 4.2.2.9632250, 4.2.3.9670635, 4.3.1.1525703027, 4.4.0.1534750794, 4.4.1.1539309879
DellEmc Unityvsa Operating Environment4.0.0.7329527, 4.0.1.8194551, 4.0.1.8320161, 4.0.1.8404134, 4.0.2.8627717, 4.1.0.8940590, 4.1.0.8959731, 4.1.0.9058043, 4.1.1.9138882, 4.1.2.9257522, 4.2.0.9392909, 4.2.0.9476662, 4.2.1.9535982, 4.2.2.9632250, 4.2.3.9670635, 4.3.1.1525703027, 4.4.0.1534750794, 4.4.1.1539309879