← back
CVE-2020-5355

CVE-2020-5355

CVSS 4.3 MEDIUMEPSS 0.4%CWE-276
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Oct 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. This provides the remotesupport user and users with restricted shells more access than is intended.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected products
Dell · Isilon OneFS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.emc.com/kb/543561