CVE-2020-5341 vulnerability in Dell Products
Published on July 28, 2021
Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated attacker could exploit this vulnerability to send a serialized payload that would execute code on the system.
Vulnerability Analysis
CVE-2020-5341 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2020-5341 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2020-5341
stack.watch emails you whenever new vulnerabilities are published in Dell Emc Avamar Server or Dell Emc Integrated Data Protection Appliance Firmware. Just hit a watch button to start following.
Affected Versions
Dell Avamar Virtual Edition:- Version unspecified and below Avamar 7.5 Virtual Edition for VMware vSphere only is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.