CVE-2016-4004

Published: 12/04/2016 Updated: 03/12/2016
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile.

Vulnerable Product

dell openmanage server administrator 8.2

Exploits

# Exploit Title: Dell OpenManage Server Administrator 8.2 Authenticated Directory Traversal
# Date: February 22, 2016
# Exploit Author: hantwister
# Vendor Homepage: www.dell.com/
# Software Link: www.dell.com/support/contents/us/en/19/article/Product-Support/Self-support-Knowledgebase/enterprise-resource-center/Enterprise-Tools/OMSA ...

OpenManage Server Administrator version 8.4 suffers from a directory traversal vulnerability ...

Github Repositories

Arbitrary File Read in OMSA: Validation of Arbitrary File Read Vulnerabilities in Dell OpenManage Server Administrator (OMSA) - CVE-2016-4004, CVE-2021-21514 and CVE-2020-5377.