Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 Files or Directories Accessible to External Parties Vulnerability

Summary

Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 suffers from files or directories accessible to external parties vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://www.dell.com/support/security/en-us/details/544733/DSA-2020-099-Dell-PowerProtect-Data-Manager-Improper-Authorization-Vulnerability


Details

Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect virtual machines.

 

Vulnerable Systems:

Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 

Dell PowerProtect X400 versions prior to 3.2

 

CVE Information:

CVE-2020-5356

 

Disclosure Timeline:
Published Date:7/6/2020

Categories: FeaturedNews