Path Traversal Vulnerabilities in Dell EMC OpenManage Server Administrator
CVE-2020-5377

9.1CRITICAL

Key Information:

Vendor: Dell
Status: Dell Open Manage Server Administrator
Vendor: CVE Published:; 28 July 2020

Badges

👾 Exploit Exists🟣 EPSS 79%

What is CVE-2020-5377?

Multiple path traversal vulnerabilities exist in Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and earlier. These vulnerabilities could be exploited by an unauthenticated remote attacker who sends a specially crafted Web API request with directory traversal sequences. Successful exploitation may allow the attacker to traverse the file system on the affected management station, potentially exposing sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dell Open Manage Server Administrator < 9.5

References

https://www.dell.com/support/article/en-us/sln322304/dsa-...

x_refsource_MISC

http://packetstormsecurity.com/files/162110/Dell-OpenMana...

x_refsource_MISC

EPSS Score

79% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
May 30, 2024
👾
Exploit known to exist
May 30, 2024
Vulnerability published
Jul 28, 2020
Vulnerability Reserved
Jan 3, 2020

JSON

Dell

Badges

What is CVE-2020-5377?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.