CVE-2021-21513
 
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Dell EMC OpenManage Server Administrator (OMSA) version 9.5 Microsoft Windows installations with Distributed Web Server (DWS) enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on the affected system.
Las instalaciones de Microsoft Windows de Dell EMC OpenManage Server Administrator (OMSA) versión 9.5, con configuración habilitada de Distributed Web Server (DWS) contienen una vulnerabilidad de omisión de autenticación. Un atacante remoto no autenticado podría potencialmente explotar esta vulnerabilidad para conseguir acceso de administrador en el sistema afectado
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-04 CVE Reserved
- 2021-03-02 CVE Published
- 2024-07-04 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://www.tenable.com/security/research/tra-2021-07 | 2024-09-16 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Openmanage Server Administrator Search vendor "Dell" for product "Openmanage Server Administrator" | < 9.4.0.3 Search vendor "Dell" for product "Openmanage Server Administrator" and version " < 9.4.0.3" | - |
Affected
| ||||||
Dell Search vendor "Dell" | Openmanage Server Administrator Search vendor "Dell" for product "Openmanage Server Administrator" | >= 9.5.0.0 < 9.5.0.1 Search vendor "Dell" for product "Openmanage Server Administrator" and version " >= 9.5.0.0 < 9.5.0.1" | - |
Affected
|