CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3722

Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially crafted document type definitions (DTDs) in an XML request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.186

EPSS Ranking 95.0%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2019-3722

Dell » Emc Openmanage Server Administrator » Version: 9.1

cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1
Dell » Emc Openmanage Server Administrator » Version: 9.1.0.1

cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.1
Dell » Emc Openmanage Server Administrator » Version: 9.1.0.2

cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.2
Dell » Emc Openmanage Server Administrator » Version: 9.2

cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2
Dell » Emc Openmanage Server Administrator » Version: 9.2.0.1

cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.1
Dell » Emc Openmanage Server Administrator » Version: 9.2.0.2

cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3722

Products

Pricing

Contact Us