CVE-2021-21513
8.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Summary
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Dell Open Manage Server Administrator | unspecified <= 9.5 | affected |
Weaknesses
- CWE-287: CWE-287: Improper Authentication
ADP Enrichment
CVE Program Container
Additional References
- https://www.tenable.com/security/research/tra-2021-07
- https://www.dell.com/support/kbdoc/en-us/000183670/dsa-2021-040-dell-emc-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities
References
- https://www.tenable.com/security/research/tra-2021-07
- https://www.dell.com/support/kbdoc/en-us/000183670/dsa-2021-040-dell-emc-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.