CVE-2020-5373

Published: Jul 14, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to retrieve the system inventory data of the managed device.

Affected (2)

Products: Dell: Emc Omimssc For Sccm, Emc Omimssc For Scvmm

2 products

Emc Omimssc For Sccm

Emc Omimssc For Scvmm

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Omimssc For Sccm	Before 7.2.1
Dell Emc Omimssc For Scvmm	Before 7.2.1

Related CWEs

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (2)

https://www.dell.com/support/article/en-us/sln322169/dsa-2020-163-dell-emc-openmanage-integration-for-microsoft-system-center-multiple-vulnerabilities?lang=en

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/article/en-us/sln322169/dsa-2020-163-dell-emc-openmanage-integration-for-microsoft-system-center-multiple-vulnerabilities?lang=en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.