Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000181064

DSA-2020-224: Dell EMC OpenManage Integration for Microsoft System Center Information Disclosure Vulnerability

Summary: DSA-2020-224: Dell EMC OpenManage Integration for Microsoft System Center Information Disclosure Vulnerability

Article Content

Symptoms

DSA ID: DSA-2020-224

CVE Identifier: CVE-2020-5389

Severity: Critical

Severity Rating: CVSSv3 Base Score 9.0 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H) 
 

Affected products:

  • Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for System Center Configuration Manager (SCCM) and System Center Virtual Machine Manager (SCVMM) versions prior to 7.2.1

 

Summary

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) has been updated to address a security vulnerability which may potentially be exploited to compromise the system.

 

Details

  • Information Disclosure (CVE-2020-5389)

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1  contain an information disclosure vulnerability.  Authenticated low privileged OMIMSCC users may be able to retrieve sensitive information from the logs.


Resolution

                                                                                                            

The following Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) release contain the resolution to the vulnerability:

  • Dell EMC OpenManage Integration for Microsoft System Center Version for System Center Configuration Manager and System Center Virtual Machine Manager v7.2.1 (A01).

 

Dell EMC recommends all customers upgrade at the earliest opportunity. 
 

Link to remedies:

 

Customers can download for PowerEdge servers. For all other platforms, please select the platform from the Dell support site.

 

 

Dell recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. Dell disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall Dell or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Dell or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.

Article Properties

Affected Product

OpenManage Integration for Microsoft System Center, OpenManage Integration Version 7.1 for Microsoft System Center, OpenManage Integration Version 7.1.1 for Microsoft System Center, OpenManage Integration Version 7.2 for Microsoft System Center

Last Published Date

14 Dec 2020

Version

1

Article Type

Solution

Back to Top