CVE-2020-5320 CRITICAL

CVE-2020-5320

Vendor Dell
Product Dell OpenManage Enterprise
Weakness CWE-89 · SQLi
Published July 19, 2021
Last update September 16, 2024

CVSS base score

9.0/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H

What the vulnerability does

01Description

Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a SQL injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to execute SQL commands to perform unauthorized actions.

Key dates

02Disclosure timeline

July 19, 2021 CVE published
September 16, 2024 Record updated