PT-2020-18440 · Dell Emc · Dell Openmanage Server Administrator

David Yesland · Published 2020-07-28 · Updated 2023-12-10 · CVE-2020-5377

CVSS v3.1: 9.1 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior

Description: The issue allows an unauthenticated remote attacker to potentially exploit multiple path traversal vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station.

Recommendations: For versions 9.4 and prior, update to a version later than 9.4 to resolve the issue. As a temporary workaround, consider restricting access to the Web API to minimize the risk of exploitation.

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2020-5377

Affected Products: Dell Openmanage Server Administrator