← Back

Emc Openmanage Server Administrator

emc_openmanage_server_administrator

Vendor: Dell • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-43079
1Dell
1Emc Openmanage Server Administrator
Nov 21, 2024
Oct 13, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitra...Show more
Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise. Show less
CVE-2020-5377
1Dell
1Emc Openmanage Server Administrator
Nov 21, 2024
Jul 28, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a craf...Show more
Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station.Show less
CVE-2019-3723
1Dell
1Emc Openmanage Server Administrator
Nov 21, 2024
Jun 6, 2019
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of...Show more
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete the contents of any existing file, due to improper input parameter validationShow less
CVE-2019-3722
1Dell
1Emc Openmanage Server Administrator
Nov 21, 2024
Jun 6, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit thi...Show more
Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially crafted document type definitions (DTDs) in an XML request.Show less
CVE-2019-3721
1Dell
1Emc Openmanage Server Administrator
Nov 21, 2024
Apr 25, 2019
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to c...Show more
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing users from accessing the system.Show less
CVE-2019-3720
1Dell
1Emc Openmanage Server Administrator
Nov 21, 2024
Apr 25, 2019
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. A remote authenticated malicious user with admin privileges could potentially exploit this vulnerabili...Show more
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. A remote authenticated malicious user with admin privileges could potentially exploit this vulnerability to gain unauthorized access to the file system by exploiting insufficient sanitization of input parameters.Show less