Dell EMC OpenManage Server Administrator versions 9.4 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) Vulnerability

Summary

Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities.

Credit:

The information has been provided by David Yesland

The original article can be found at:https://www.dell.com/support/article/en-us/sln322304/dsa-2020-172-dell-emc-openmanage-server-administrator-omsa-path-traversal-vulnerability?lang=en


Details

An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station.

 

Vulnerable Systems:

Dell EMC OpenManage Server Administrator versions 9.4

 

CVE Information:

CVE-2020-5377

 

Disclosure Timeline:
Published Date:7/28/2020

Categories: FeaturedNews