CVE-2021-21514
In short
Dell EMC OpenManage Server Administrator has a flaw that lets users with administrator access view files they shouldn't be able to reach by sending specially crafted web requests. This could expose sensitive system information.
Technical detail
A path traversal vulnerability (CWE-22) in OMSA versions 9.5 and prior allows authenticated admin users to bypass directory restrictions and read arbitrary files via malicious URL parameters. The attack requires admin-level privileges and access to the management interface.
Summary generated and translated by AI from the official description.
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected products
Dell · Dell Open Manage Server Administrator