CVE-2019-3723 Vulnerability Details

  /     /     /  

CVE-2019-3723 Metadata Quick Info

CVE Published: 06/06/2019 | CVE Updated: 16/09/2024 | CVE Year: 2019
Source: dell | Vendor: Dell EMC | Product: OpenManage Server Administrator
Status : PUBLISHED

---

CVE-2019-3723 Description

Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete the contents of any existing file, due to improper input parameter validation

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Web Parameter Tampering Vulnerability
Source: Dell EMC

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).