First published: Tue Jun 23 2020(Updated: )
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim's data in transit.
Credit: security_alert@emc.com security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell EMC Unisphere for PowerMax | <9.1.0.17 | |
Dell EMC Unisphere for PowerMax Virtual Appliance | <9.1.0.17 | |
Dell Powermax Os | =5978 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2020-5367 is high with a CVSS score of 8.1.
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 are affected by CVE-2020-5367.
CVE-2020-5367 is an improper certificate validation vulnerability.
An unauthenticated remote attacker may potentially exploit CVE-2020-5367.
You can find more information about CVE-2020-5367 at the following reference link: https://www.dell.com/support/kbdoc/en-uk/000153935/dsa-2020-065-dell-emc-unisphere-for-powermax-dell-emc-unisphere-for-powermax-virtual-appliance-and-dell-emc-powermax-embedded-management-update-for-multiple-vulnerabilities