PT-2021-14570 · Dell EMC · Dell OpenManage Server Administrator
David Yesland · Published 2021-03-02 · Updated 2024-03-23
CVE-2021-21514
CVSS v3.1: 4.9 (Medium)
CVSS v3.1 vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior
Description
The issue allows a remote user who already holds administrative privileges on OMSA to read arbitrary files on the target system by sending a specially crafted URL request (a path traversal). This can be exploited to gain access to sensitive information, such as user credentials stored in configuration files; consistent with the CVSS vector, the direct impact is to confidentiality only (C:H/I:N/A:N), and the attacker must authenticate with high privileges first (PR:H). In real-world incidents, this issue has been used to bypass Windows Defender, impersonate a service, and gain SYSTEM-level access.
Recommendations
For versions 9.5 and prior, restrict network access to the OMSA admin interface (for example, to a management network or trusted hosts only) until a patch is available.
As a temporary workaround, consider blocking specially crafted URL requests (path traversal sequences) to the affected system, for example at a reverse proxy or WAF in front of OMSA, until a patch is available.
Restrict filesystem permissions on sensitive files and configuration files so that the account OMSA runs under cannot read more than it needs, minimizing what a successful exploitation could disclose.
Fix
Weakness Enumeration: Path traversal
Related Identifiers: CVE-2021-21514
Affected Products: Dell OpenManage Server Administrator