CVE-2020-5374

Published: Jul 14, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices.

Affected (2)

Products: Dell: Emc Omimssc For Sccm, Emc Omimssc For Scvmm

2 products

Emc Omimssc For Sccm

Emc Omimssc For Scvmm

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Omimssc For Sccm	Before 7.2.1
Dell Emc Omimssc For Scvmm	Before 7.2.1

Related CWEs

Plaintext Storage of a Password

Storing a password in plaintext may result in a system compromise.

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

https://www.dell.com/support/article/en-us/sln322169/dsa-2020-163-dell-emc-openmanage-integration-for-microsoft-system-center-multiple-vulnerabilities?lang=en

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/article/en-us/sln322169/dsa-2020-163-dell-emc-openmanage-integration-for-microsoft-system-center-multiple-vulnerabilities?lang=en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.