CVE-2020-5322 CRITICAL

CVE-2020-5322

Vendor Dell

Product Dell OpenManage Enterprise Modular

Weakness CWE-78

Published July 19, 2021

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

9.1/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection vulnerability. A remote authenticated malicious user with high privileges could potentially exploit the vulnerability to execute arbitrary shell commands on the affected system.

Key dates

02Disclosure timeline

July 19, 2021 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-5322 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

Identifiers

CVE CVE-2020-5322

CWE CWE-78

CVSS 9.1 / CRITICAL

Affected versions