Vulnerability Details CVE-2021-21513
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.2%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 7.5
References
- https://www.dell.com/support/kbdoc/en-us/000183670/dsa-2021-040-dell-emc-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities
- https://www.tenable.com/security/research/tra-2021-07
- https://www.dell.com/support/kbdoc/en-us/000183670/dsa-2021-040-dell-emc-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities
- https://www.tenable.com/security/research/tra-2021-07
Products affected by CVE-2021-21513
-
cpe:2.3:a:dell:openmanage_server_administrator:-
-
cpe:2.3:a:dell:openmanage_server_administrator:1.00.0000
-
cpe:2.3:a:dell:openmanage_server_administrator:4.3.0
-
cpe:2.3:a:dell:openmanage_server_administrator:4.4.0
-
cpe:2.3:a:dell:openmanage_server_administrator:4.5.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.0.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.1.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.1.0.1
-
cpe:2.3:a:dell:openmanage_server_administrator:5.2.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.3.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.4.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.5.0
-
cpe:2.3:a:dell:openmanage_server_administrator:5.5.0.1
-
cpe:2.3:a:dell:openmanage_server_administrator:6.2.0
-
cpe:2.3:a:dell:openmanage_server_administrator:6.3.0
-
cpe:2.3:a:dell:openmanage_server_administrator:6.4.0
-
cpe:2.3:a:dell:openmanage_server_administrator:6.5.0
-
cpe:2.3:a:dell:openmanage_server_administrator:6.5.0.1
-
cpe:2.3:a:dell:openmanage_server_administrator:7.0.0
-
cpe:2.3:a:dell:openmanage_server_administrator:7.0.0.1
-
cpe:2.3:a:dell:openmanage_server_administrator:7.1.0
-
cpe:2.3:a:dell:openmanage_server_administrator:7.1.0.1
-
cpe:2.3:a:dell:openmanage_server_administrator:7.2.0
-
cpe:2.3:a:dell:openmanage_server_administrator:7.3.0
-
cpe:2.3:a:dell:openmanage_server_administrator:8.2
-
cpe:2.3:a:dell:openmanage_server_administrator:9.5.0.0