Vulnerability Details CVE-2019-3721
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing users from accessing the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.7%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 7.8
References
- http://www.securityfocus.com/bid/108092
- https://www.dell.com/support/article/us/en/04/sln316915/dsa-2019-060-dell-emc-open-manage-system-administrator-multiple-vulnerabilities?lang=en
- http://www.securityfocus.com/bid/108092
- https://www.dell.com/support/article/us/en/04/sln316915/dsa-2019-060-dell-emc-open-manage-system-administrator-multiple-vulnerabilities?lang=en
Products affected by CVE-2019-3721
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.1
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.2
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.1
-
cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.2