Article Number: 000180775
High
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2020-29499 |
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain an OS Command Injection vulnerability in PowerStore X environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
CVE-2020-29500 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
CVE-2020-29501 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
CVE-2020-29502 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
CVE-2020-29503 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory. | 4.1 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2020-29499 |
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain an OS Command Injection vulnerability in PowerStore X environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
CVE-2020-29500 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
CVE-2020-29501 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 6.4 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
CVE-2020-29502 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 7.5 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H |
CVE-2020-29503 | Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory. | 4.1 | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
Product | Affected Version(s) | Updated Version(s) | Link to Update |
Dell EMC PowerStore | Versions prior to 1.0.3.0.5.007 | 1.0.3.0.5.007 | https://www.dell.com/support/software/us/en/4#/registration |
Product | Affected Version(s) | Updated Version(s) | Link to Update |
Dell EMC PowerStore | Versions prior to 1.0.3.0.5.007 | 1.0.3.0.5.007 | https://www.dell.com/support/software/us/en/4#/registration |
None
Revision | Date | Description |
1.0 | 2020-12-15 | Initial Release |
PowerStore, PowerStore 1000T, PowerStore 3000T, PowerStore 5000T, PowerStore 7000X, PowerStore 7000T, PowerStore 9000X, PowerStore 9000T
14 Dec 2020
Dell Security Advisory