CVE-2020-5374
 
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain a hard-coded cryptographic key vulnerability. A remote unauthenticated attacker may exploit this vulnerability to gain access to the appliance data for remotely managed devices.
Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) para SCCM y SCVMM versiones anteriores a 7.2.1, contiene una vulnerabilidad de clave embebida. Un atacante remoto no autenticado puede explotar esta vulnerabilidad para conseguir acceso a los datos del dispositivo para dispositivos administrados remotamente
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-03 CVE Reserved
- 2020-07-14 CVE Published
- 2024-08-22 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-256: Plaintext Storage of a Password
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Emc Omimssc For Sccm Search vendor "Dell" for product "Emc Omimssc For Sccm" | < 7.2.1 Search vendor "Dell" for product "Emc Omimssc For Sccm" and version " < 7.2.1" | - |
Affected
| ||||||
Dell Search vendor "Dell" | Emc Omimssc For Scvmm Search vendor "Dell" for product "Emc Omimssc For Scvmm" | < 7.2.1 Search vendor "Dell" for product "Emc Omimssc For Scvmm" and version " < 7.2.1" | - |
Affected
|