CVE-2020-35170 Information
Jun 07, 2022
cve
Description
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9 Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16 and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject javascript code and affect other authenticated users’ sessions.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Reference
https://www.dell.com/support/kbdoc/000181212
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
5.4
Share on: