Omnissa Workspace ONE UEM 24.2.x < 24.2.0.36 / 24.6.x < 24.6.0.44 / 24.10.x < 24.10.0.25 (OMSA-2025-0005)

The version of Omnissa Workspace ONE UEM installed on the remote host is prior to 24.2.0.36, 24.6.0.44, or 24.10.0.25. It is, therefore, affected by a vulnerability as referenced in the omsa-2025-0005 advisory. - Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability....

CVE-2022-34396

Dell OpenManage Server Administrator (OMSA) 10.3.0.0 and earlier contains a DLL Injection vulnerability that lets a local, authenticated, low-privilege attacker execute arbitrary code with elevated privileges, potentially compromising the system. Affected component: OMSA DLL injection in the Dell...

CVE-2022-34396

Dell OpenManage Server Administrator OMSA version 10.3.0.0 and earlier contains a DLL Injection Vulnerability. A local low privileged authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary executable on the operating system with elevated...

CVE-2021-21514

Dell EMC OpenManage Server Administrator OMSA versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request...

CVE-2021-21513

Dell EMC OpenManage Server Administrator OMSA version 9.5 Microsoft Windows installations with Distributed Web Server DWS enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on t...

CVE-2021-21514

Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and earlier are affected by a path traversal vulnerability that allows a remote attacker with administrator privileges to view arbitrary files via a specially crafted URL request. This is due to a flaw in OMSA prior to 9.5, as detailed ...

CVE-2021-21514

Dell EMC OpenManage Server Administrator OMSA versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request...

CVE-2021-21513

Dell EMC OpenManage Server Administrator OMSA version 9.5 Microsoft Windows installations with Distributed Web Server DWS enabled configuration contains an authentication bypass vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain admin access on t...

CVE-2021-21513

Dell EMC OpenManage Server Administrator (OMSA) 9.5 on Windows with Distributed Web Server (DWS) enabled contains an authentication bypass vulnerability that could allow a remote unauthenticated attacker to gain administrator access. Root cause details are not provided beyond the bypass descripti...

Dell OpenManage Server Administrator Path Traversal (DSA-2020-172)

The version of Dell OpenManage Server Administrator OMSA running on the remote host is affected by a path traversal vulnerability due to improper sanitization of user-supplied input to a web API request. An unauthenticated, remote attacker can exploit this, via a crafted request, to gain file...

CVE-2020-5377

Dell EMC OpenManage Server Administrator OMSA versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain...

CVE-2020-5377

Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and earlier are affected by path traversal vulnerabilities. An unauthenticated remote attacker can send crafted Web API requests with directory traversal sequences to gain file system access on the managed station (arbitrary file read)....

CVE-2019-3723

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...

Xxe

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity XXE injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially...

CVE-2019-3722

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity XXE injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially...

CVE-2019-3722

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity XXE injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially...

Input validation

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...

CVE-2019-3723 Web Parameter Tampering Vulnerability

Dell EMC OpenManage Server Administrator OMSA versions prior to 9.1.0.3 and prior to 9.2.0.4 contain a web parameter tampering vulnerability. A remote unauthenticated attacker could potentially manipulate parameters of web requests to OMSA to create arbitrary files with empty content or delete th...

CVE-2019-3723

CVE-2019-3723 affects Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4. The flaw is a web parameter tampering vulnerability arising from improper input parameter validation, allowing a remote unauthenticated attacker to manipulate web request paramete...

CVE-2019-3721

Dell EMC Open Manage System Administrator OMSA versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a...