cvelist/2020/5xxx/CVE-2020-5365.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2020-05-15",
        "ID": "CVE-2020-5365",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Isilon OneFS",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "8.2.2"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Dell"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other support functions. Although the default password is different for every cluster, it is predictable."
            }
        ]
    },
    "impact": {
        "cvss": {
            "baseScore": 5.3,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-341: Predictable from Observable State"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://www.dell.com/support/security/en-us/details/543775/DSA-2020-124-Dell-EMC-Isilon-OneFS-Security-Update-for-Multiple-Vulnerabilities",
                "name": "https://www.dell.com/support/security/en-us/details/543775/DSA-2020-124-Dell-EMC-Isilon-OneFS-Security-Update-for-Multiple-Vulnerabilities"
            }
        ]
    }
}
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`{`
			`"CVE_data_meta": {`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"ASSIGNER": "secure@dell.com",`
			`"DATE_PUBLIC": "2020-05-15",`
			`"ID": "CVE-2020-5365",`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`},`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"product_name": "Isilon OneFS",`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"version": {`
			`"version_data": [`
			`{`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"version_affected": "<",`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"version_value": "8.2.2"`
			`}`
			`]`
			`}`
			`}`
			`]`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`},`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"vendor_name": "Dell"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`"description": {`
			`"description_data": [`
			`{`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"lang": "eng",`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"value": "Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other support functions. Although the default password is different for every cluster, it is predictable."`
			`}`
			`]`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`},`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"impact": {`
			`"cvss": {`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"baseScore": 5.3,`
			`"baseSeverity": "Medium",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"version": "3.1"`
			`}`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`},`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"lang": "eng",`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"value": "CWE-341: Predictable from Observable State"`
			`}`
			`]`
			`}`
			`]`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`},`
Added CVE-2020-5364,5365 2020-05-20 16:39:05 -04:00			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2020-05-20 21:01:26 +00:00			`"refsource": "MISC",`
			`"url": "https://www.dell.com/support/security/en-us/details/543775/DSA-2020-124-Dell-EMC-Isilon-OneFS-Security-Update-for-Multiple-Vulnerabilities",`
			`"name": "https://www.dell.com/support/security/en-us/details/543775/DSA-2020-124-Dell-EMC-Isilon-OneFS-Security-Update-for-Multiple-Vulnerabilities"`
"-Synchronized-Data." 2020-01-03 14:01:42 +00:00			`}`
			`]`
			`}`
			`}`