Vulnerability Details CVE-2019-3720
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain a Directory Traversal Vulnerability. A remote authenticated malicious user with admin privileges could potentially exploit this vulnerability to gain unauthorized access to the file system by exploiting insufficient sanitization of input parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.7%
CVSS Severity
CVSS v3 Score 4.9
CVSS v2 Score 4.0
References
- http://www.securityfocus.com/bid/108092
- https://www.dell.com/support/article/us/en/04/sln316915/dsa-2019-060-dell-emc-open-manage-system-administrator-multiple-vulnerabilities?lang=en
- http://www.securityfocus.com/bid/108092
- https://www.dell.com/support/article/us/en/04/sln316915/dsa-2019-060-dell-emc-open-manage-system-administrator-multiple-vulnerabilities?lang=en
Products affected by CVE-2019-3720
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.1
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.2
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.1
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.2