cvebase

Dell EMC OpenManage Server Administrator vulnerabilities

6 known vulnerabilities affecting dell/emc_openmanage_server_administrator.

Total CVEs: 6
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 3, MEDIUM 1

Vulnerabilities

CVE-2020-5377 | P1 | CRITICAL | CVSS 9.1 | PoC | ≤ 9.4 | 2020-07-28
CWE-22. Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management stat
Source: nvd

CVE-2019-3723 | P3 | CRITICAL | CVSS 9.1 | v9.1, v9.1.0.1 +4 more | 2019-06-06
CWE-20. Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete the contents of any existing file, due to improper inpu
Source: nvd

CVE-2019-3722 | P3 | HIGH | CVSS 7.5 | v9.1, v9.1.0.1 +4 more | 2019-06-06
CWE-611. Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially crafted document type definitions (DTDs) in an XML request
Source: nvd

CVE-2019-3721 | P3 | HIGH | CVSS 7.5 | fixed in 9.3.0 | 2019-04-25
CWE-770. Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing u
Source: nvd

CVE-2023-43079 | P3 | HIGH | CVSS 7.8 | fixed in 11.0.1.0 | 2023-10-13
CWE-284. Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise.
Source: nvd

CVE-2019-3720 | P4 | MEDIUM | CVSS 4.9 | fixed in 9.3.0 | 2019-04-25
CWE-22. Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. A remote authenticated malicious user with admin privileges could potentially exploit this vulnerability to gain unauthorized access to the file system by exploiting insufficient sanitization of input parameters.
Source: nvd