CVE-2020-5352: OS Command Injection
First published: Sun Apr 05 2020(Updated: )
Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on the affected system.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Data Protection Advisor Collector | =6.4 | |
| EMC Data Protection Advisor Collector | =6.5 | |
| EMC Data Protection Advisor Collector | =18.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-5352?
The severity of CVE-2020-5352 is critical, with a severity value of 8.8.
How does CVE-2020-5352 affect Dell EMC Data Protection Advisor?
CVE-2020-5352 affects Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1.
What is the vulnerability in Dell EMC Data Protection Advisor?
The vulnerability in Dell EMC Data Protection Advisor is an OS command injection vulnerability.
How can a malicious user exploit CVE-2020-5352?
A remote authenticated malicious user can exploit CVE-2020-5352 to execute arbitrary commands on the affected system.
Is there a fix available for CVE-2020-5352?
Yes, Dell has released a fix for CVE-2020-5352. Please refer to the provided reference link for more information.
- agent/type
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/emc data protection advisor collector
- version/emc data protection advisor collector/6.4
- version/emc data protection advisor collector/6.5
- version/emc data protection advisor collector/18.1