CVE-2020-29499
published 2021-07-19CVE-2020-29499: Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated…
PriorityP433medium6.7CVSS 3.1
AVLACLPRHUINSUCHIHAH
EPSS
0.42%
33.5th percentile
Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in PowerStore X environment . A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may lead to a system take over by an attacker.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | emc_powerstore | < 1.0.3.0.5.007 | 1.0.3.0.5.007 |
| dell | powerstore | >= unspecified < PowerStore SW 1.0.3.0.5.006 | PowerStore SW 1.0.3.0.5.006 |
CVSS provenance
nvdv3.16.7MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-07-19
Published