CVE-2020-5373

MEDIUM

Dell EMC OpenManage Integration for Microsoft System Center < 7.2.1 - Unauthenticated Information Disclosure

Title source: llm

Description

Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions prior to 7.2.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to retrieve the system inventory data of the managed device.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.dell.com/support/article/en-us/sln322169/dsa-2020-163-dell-emc-openmanage-integration-for-microsoft-system-center-multiple-vulnerabilities?lang=en

Scores

CVSS v3 6.5

EPSS 0.0028

EPSS Percentile 51.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-306

Status published

Products (2)

dell/emc_omimssc_for_sccm < 7.2.1

dell/emc_omimssc_for_scvmm < 7.2.1

Published Jul 14, 2020

Tracked Since Feb 18, 2026