CVE-2020-5370

Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions.

CVSS v3 7.9 HIGH
CVSS v2.0 6.0 MEDIUM

7.9^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope CHANGED

6.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 6.8 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000130360/dsa-2020-153-dell-emc-openmanage-enterprise-tar-file-extraction-vulnerability	Patch Vendor Advisory
https://www.dell.com/support/kbdoc/en-us/000130360/dsa-2020-153-dell-emc-openmanage-enterprise-tar-file-extraction-vulnerability	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:emc_openmanage_enterprise:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:34

Type	Values Removed	Values Added
CVSS	v2 : ~~6.0~~ v3 : ~~6.8~~	v2 : 6.0 v3 : 7.9
References	~~() https://www.dell.com/support/kbdoc/en-us/000130360/dsa-2020-153-dell-emc-openmanage-enterprise-tar-file-extraction-vulnerability - Patch, Vendor Advisory~~	() https://www.dell.com/support/kbdoc/en-us/000130360/dsa-2020-153-dell-emc-openmanage-enterprise-tar-file-extraction-vulnerability - Patch, Vendor Advisory

Information

Published : 2021-07-22 17:15

Updated : 2024-11-21 05:34

NVD link : CVE-2020-5370

Mitre link : CVE-2020-5370

CVE.ORG link : CVE-2020-5370

JSON object : View

Products Affected

dell

emc_openmanage_enterprise

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2020-5370", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.9, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2021-07-22T17:15:08.997", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000130360/dsa-2020-153-dell-emc-openmanage-enterprise-tar-file-extraction-vulnerability", "tags": ["Patch", "Vendor Advisory"], "source": "security_alert@emc.com"}, {"url": "https://www.dell.com/support/kbdoc/en-us/000130360/dsa-2020-153-dell-emc-openmanage-enterprise-tar-file-extraction-vulnerability", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions."}, {"lang": "es", "value": "Dell EMC OpenManage Enterprise (OME) versiones anteriores a 3.4 contienen una vulnerabilidad de sobrescritura de archivos arbitraria. Un usuario malicioso autenticado y con privilegios elevados podr\u00eda explotar esta vulnerabilidad para sobrescribir archivos arbitrarios por medio de secuencias de salto de directorios usando un archivo tar dise\u00f1ado para inyectar RPM maliciosos que podr\u00edan causar una denegaci\u00f3n de servicio o llevar a cabo acciones no autorizadas"}], "lastModified": "2024-11-21T05:34:00.990", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:emc_openmanage_enterprise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69D1EED9-B0B4-4B4E-A3F8-31D345052E6C", "versionEndExcluding": "3.4"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}