Article Number: 000183670
High
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2021-21513 | Dell OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain admin access on the affected system. |
8.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
CVE-2021-21514 | Dell OpenManage Server Administrator (OMSA) versions 9.5 and earlier contain a path traversal vulnerability. A remote user with admin privileges may potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request. | 4.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
CVE-2021-21513 | Dell OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain admin access on the affected system. |
8.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L |
CVE-2021-21514 | Dell OpenManage Server Administrator (OMSA) versions 9.5 and earlier contain a path traversal vulnerability. A remote user with admin privileges may potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request. | 4.9 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Product | Affected Version(s) | Updated Version(s) | CVE |
OpenManage Server Administrator (OMSA) | Versions prior to 9.5 |
|
CVE-2021-21513 |
OpenManage Server Administrator (OMSA) | Versions prior to 9.5 |
|
CVE-2021-21514 |
OpenManage (OM) 9.4.0.3 | SWB 9403 | Link on support site |
Dell OpenManage Server Administrator Managed Node (Patch) for Windows 9.4.0.3 | RKHCG | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=RKHCG |
OpenManage (OM) 9.5.0.1 | SWB 9501 | Link on support site |
Dell OpenManage Server Administrator Managed Node (Patch) for Windows 9.5.0.1 | TFT7C | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=TFT7C |
Dell OpenManage Server Administrator Managed Node (Patch) for RHEL 7 9.5.0.1 | M7W41 | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=M7W41 |
Dell OpenManage Server Administrator Managed Node (Patch) for RHEL 8 9.5.0.1 | C34T8 | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=C34T8 |
Dell EMC OpenManage Server Administrator Managed Node (Patch) for SLES 15 9.5.0.1 | RR1J9 | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=RR1J9 |
Product | Affected Version(s) | Updated Version(s) | CVE |
OpenManage Server Administrator (OMSA) | Versions prior to 9.5 |
|
CVE-2021-21513 |
OpenManage Server Administrator (OMSA) | Versions prior to 9.5 |
|
CVE-2021-21514 |
OpenManage (OM) 9.4.0.3 | SWB 9403 | Link on support site |
Dell OpenManage Server Administrator Managed Node (Patch) for Windows 9.4.0.3 | RKHCG | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=RKHCG |
OpenManage (OM) 9.5.0.1 | SWB 9501 | Link on support site |
Dell OpenManage Server Administrator Managed Node (Patch) for Windows 9.5.0.1 | TFT7C | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=TFT7C |
Dell OpenManage Server Administrator Managed Node (Patch) for RHEL 7 9.5.0.1 | M7W41 | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=M7W41 |
Dell OpenManage Server Administrator Managed Node (Patch) for RHEL 8 9.5.0.1 | C34T8 | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=C34T8 |
Dell EMC OpenManage Server Administrator Managed Node (Patch) for SLES 15 9.5.0.1 | RR1J9 | https://www.dell.com/support/home/en-us/drivers/DriversDetails?driverId=RR1J9 |
None
CVE-2021-21513: Dell EMC would like to thank Tenable, Inc.
Revision | Date | Description |
1.0 | 2020-03-01 | Initial Release |
1.01 | 2021-03-15 | Update |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
23 Nov 2021
4
Dell Security Advisory