Lucene search

DellCVELIST:CVE-2020-5329

HistoryJul 29, 2021 - 3:55 p.m.

CVE-2020-5329

2021-07-2915:55:14

CWE-601

dell

www.cve.org

dell emc avamar server

open redirect

remote unauthenticated attacker

maliciously crafted links

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.0%

JSON

Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.

CNA Affected

[
  {
    "product": "Avamar",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "7.3.1, 7.4.1"
      }
    ]
  }
]

References

www.dell.com/support/security/en-us/details/541529/DSA-2020-046-Dell-EMC-Avamar-Server-Open-Redirect-Vulnerability

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.0%

JSON

Related for CVELIST:CVE-2020-5329