ID
VAR-202002-1116
CVE
CVE-2020-5319
TITLE
plural Dell EMC Product Index Validation Vulnerability
Trust: 0.8
sources:
JVNDB: JVNDB-2020-001895
DESCRIPTION
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence. EMC UnityVSA is a virtual EMC Unity storage environment
Trust: 1.71
sources:
NVD: CVE-2020-5319 //
JVNDB: JVNDB-2020-001895 //
VULHUB: VHN-183444
AFFECTED PRODUCTS
| vendor: | dell | model: | emc unity xt operating environment | scope: | lt | version: | 5.0.2.0.5.009 | Trust: 1.0 |
| vendor: | dell | model: | emc unityvsa operating environment | scope: | lt | version: | 5.0.2.0.5.009 | Trust: 1.0 |
| vendor: | dell | model: | emc unity operating environment | scope: | lt | version: | 5.0.2.0.5.009 | Trust: 1.0 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 5.0.2.0.5.009 | Trust: 0.8 |
| vendor: | dell | model: | emc unity xt operating environment | scope: | eq | version: | 5.0.2.0.5.009 | Trust: 0.8 |
| vendor: | dell | model: | emc unityvsa operating environment | scope: | eq | version: | 5.0.2.0.5.009 | Trust: 0.8 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.0.0.7329527 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.0.2.8627717 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.1.0.9058043 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.0.1.8404134 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.0.1.8320161 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.1.0.8940590 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.0.1.8194551 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.1.0.8959731 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.1.1.9138882 | Trust: 0.6 |
| vendor: | dell | model: | emc unity operating environment | scope: | eq | version: | 4.1.2.9257522 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-001895 //
CNNVD: CNNVD-202002-186 //
NVD: CVE-2020-5319
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-183444 //
JVNDB: JVNDB-2020-001895 //
CNNVD: CNNVD-202002-186 //
NVD: CVE-2020-5319 //
NVD: CVE-2020-5319
PROBLEMTYPE DATA
| problemtype: | CWE-129 | Trust: 1.9 |
sources:
VULHUB: VHN-183444 //
JVNDB: JVNDB-2020-001895 //
NVD: CVE-2020-5319
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202002-186
TYPE
input validation error
Trust: 0.6
sources:
CNNVD: CNNVD-202002-186
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-001895
PATCH
| title: | DSA-2020-019: Dell EMC Unity Family, Dell EMC Unity XT Family: Denial of Service Vulnerability | url: | https://www.dell.com/support/security/en-us/details/540336/DSA-2020-019-Dell-EMC-Unity-Family-Dell-EMC-Unity-XT-Family-Denial-of-Service-Vulnerability | Trust: 0.8 |
| title: | Multiple Dell Product input verification error vulnerability fixes | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108699 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2020-001895 //
CNNVD: CNNVD-202002-186
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-5319 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2020-001895 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202002-186 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-183444 | Trust: 0.1 |
sources:
VULHUB: VHN-183444 //
JVNDB: JVNDB-2020-001895 //
CNNVD: CNNVD-202002-186 //
NVD: CVE-2020-5319
REFERENCES
| url: | https://www.dell.com/support/security/en-us/details/540336/dsa-2020-019-dell-emc-unity-family-dell-emc-unity-xt-family-denial-of-service-vulnerability | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-5319 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5319 | Trust: 0.8 |
sources:
VULHUB: VHN-183444 //
JVNDB: JVNDB-2020-001895 //
CNNVD: CNNVD-202002-186 //
NVD: CVE-2020-5319
SOURCES
| db: | VULHUB | id: | VHN-183444 |
| db: | JVNDB | id: | JVNDB-2020-001895 |
| db: | CNNVD | id: | CNNVD-202002-186 |
| db: | NVD | id: | CVE-2020-5319 |
LAST UPDATE DATE
2024-11-23T22:58:21.835000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-183444 | date: | 2020-02-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-001895 | date: | 2020-02-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-202002-186 | date: | 2020-03-02T00:00:00 |
| db: | NVD | id: | CVE-2020-5319 | date: | 2024-11-21T05:33:54.223 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-183444 | date: | 2020-02-06T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-001895 | date: | 2020-02-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-202002-186 | date: | 2020-02-06T00:00:00 |
| db: | NVD | id: | CVE-2020-5319 | date: | 2020-02-06T18:15:13.887 |