Vulnerability Description
Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability. A remote unauthenticated attacker could exploit this vulnerability to retrieve sensitive data by sending a specially crafted request to the affected endpoints.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | R1-2210 Firmware | <= 3.0.1.2 |
| Dell | R1-2210 | - |
| Dell | R1-2401 Firmware | <= 3.0.1.2 |
| Dell | R1-2401 | - |
| Dell | Pc5500 Firmware | <= 4.1.0.22 |
| Dell | Pc5500 | - |
| Dell | X1000 Firmware | <= 2.0.0.77 |
| Dell | X1000 | - |
| Dell | X4012 Firmware | <= 2.0.0.77 |
| Dell | X4012 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/171723/Cisco-Dell-Netgear-Information-DisclExploitThird Party AdvisoryVDB Entry
- https://www.dell.com/support/article/en-us/sln320366/dsa-2020-042-dell-emc-netwoVendor Advisory
- http://packetstormsecurity.com/files/171723/Cisco-Dell-Netgear-Information-DisclExploitThird Party AdvisoryVDB Entry
- https://www.dell.com/support/article/en-us/sln320366/dsa-2020-042-dell-emc-netwoVendor Advisory
FAQ
What is CVE-2020-5330?
CVE-2020-5330 is a vulnerability with a CVSS score of 8.1 (HIGH). Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 ...
How severe is CVE-2020-5330?
CVE-2020-5330 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5330?
Check the references section above for vendor advisories and patch information. Affected products include: Dell R1-2210 Firmware, Dell R1-2210, Dell R1-2401 Firmware, Dell R1-2401, Dell Pc5500 Firmware.