Lucene search

DellCVELIST:CVE-2020-5360

HistoryDec 16, 2020 - 3:50 p.m.

CVE-2020-5360

2020-12-1615:50:15

CWE-127

dell

www.cve.org

dell bsafe

buffer under-read

remote attacker

vulnerability

crash

undefined behaviour

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

51.4%

JSON

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.

CNA Affected

[
  {
    "product": "Dell BSAFE Micro Edition Suite",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "4.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000181098/dsa-2020-114-dell-bsafe-micro-edition-suite-multiple-security-vulnerabilities

www.oracle.com/security-alerts/cpuApr2021.html

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

51.4%

JSON

Related for CVELIST:CVE-2020-5360