CVE-2020-5327
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Dell Encryption Enterprise | unspecified < 10.2.10 | affected |
Weaknesses
- CWE-502: CWE-502: Deserialization of Untrusted Data
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.