Lucene search

[email protected]CVE-2020-5349

HistoryJul 19, 2021 - 10:15 p.m.

CVE-2020-5349

2021-07-1922:15:09

CWE-798

[email protected]

web.nvd.nist.gov

cve-2020-5349

dell

emc

networking

s4100

s5200

switches

vulnerability

hardcoded credential

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a hardcoded credential vulnerability. A remote unauthenticated malicious user could exploit this vulnerability and gain administrative privileges.

Affected configurations

NVD

Node

dellemc_powerswitch_s4112f-onMatch-

dellemc_powerswitch_s4112t-onMatch-

dellemc_powerswitch_s4128f-onMatch-

dellemc_powerswitch_s4128t-onMatch-

dellemc_powerswitch_s4148f-onMatch-

dellemc_powerswitch_s4148fe-onMatch-

dellemc_powerswitch_s4148t-onMatch-

dellemc_powerswitch_s4148u-onMatch-

dellemc_powerswitch_s5212f-on

dellemc_powerswitch_s5224f-onMatch-

dellemc_powerswitch_s5232f-onMatch-

dellemc_powerswitch_s5248f-onMatch-

dellemc_powerswitch_s5296f-onMatch-

CPENameOperatorVersion
dell:emc_powerswitch_s4112f-ondell emc powerswitch s4112f-oneq-
dell:emc_powerswitch_s4112t-ondell emc powerswitch s4112t-oneq-
dell:emc_powerswitch_s4128f-ondell emc powerswitch s4128f-oneq-
dell:emc_powerswitch_s4128t-ondell emc powerswitch s4128t-oneq-
dell:emc_powerswitch_s4148f-ondell emc powerswitch s4148f-oneq-
dell:emc_powerswitch_s4148fe-ondell emc powerswitch s4148fe-oneq-
dell:emc_powerswitch_s4148t-ondell emc powerswitch s4148t-oneq-
dell:emc_powerswitch_s4148u-ondell emc powerswitch s4148u-oneq-
dell:emc_powerswitch_s5212f-ondell emc powerswitch s5212f-oneq*
dell:emc_powerswitch_s5224f-ondell emc powerswitch s5224f-oneq-

CPE	Name	Operator	Version
dell:emc_powerswitch_s4112f-on	dell emc powerswitch s4112f-on	eq	-
dell:emc_powerswitch_s4112t-on	dell emc powerswitch s4112t-on	eq	-
dell:emc_powerswitch_s4128f-on	dell emc powerswitch s4128f-on	eq	-
dell:emc_powerswitch_s4128t-on	dell emc powerswitch s4128t-on	eq	-
dell:emc_powerswitch_s4148f-on	dell emc powerswitch s4148f-on	eq	-
dell:emc_powerswitch_s4148fe-on	dell emc powerswitch s4148fe-on	eq	-
dell:emc_powerswitch_s4148t-on	dell emc powerswitch s4148t-on	eq	-
dell:emc_powerswitch_s4148u-on	dell emc powerswitch s4148u-on	eq	-
dell:emc_powerswitch_s5212f-on	dell emc powerswitch s5212f-on	eq	*
dell:emc_powerswitch_s5224f-on	dell emc powerswitch s5224f-on	eq	-

Rows per page:

1-10 of 131

CNA Affected

[
  {
    "product": "Networking",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "S4100 and S5200"
      }
    ]
  }
]

References

www.dell.com/support/article/en-us/sln320599/dsa-2020-074-dell-networking-security-update-for-a-hardcoded-credential-vulnerability?lang=en

Social References

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

Related for CVE-2020-5349

prion1 cvelist1 nvd1