Platform: dell
Component: dell-emc-openmanage-enterprise
Fixed in: 3.20
CVE-2020-5320 describes a SQL injection vulnerability present in Dell EMC OpenManage Enterprise (OME) and OpenManage Enterprise-Modular (OME-M) versions prior to 3.2 and 1.10.00 respectively. This vulnerability allows a remote, authenticated attacker with high privileges to inject malicious SQL commands. Affected versions include OME versions up to and including 3.20. The vulnerability is resolved in version 3.20.
Successful exploitation of CVE-2020-5320 could grant an attacker unauthorized access to sensitive data stored within the OpenManage Enterprise database. An attacker could potentially read, modify, or delete data, including user credentials, system configurations, and performance metrics. The ability to execute arbitrary SQL commands also opens the door to privilege escalation, allowing the attacker to gain control over the entire system. While the vulnerability requires authentication with high privileges, the potential impact is significant, particularly in environments where OME is used for centralized management and monitoring of critical infrastructure.
CVE-2020-5320 was publicly disclosed on July 19, 2021. The vulnerability has a CRITICAL CVSS score of 9.0. There is no indication of active exploitation campaigns at this time, but the ease of exploitation and potential impact make it a high-priority vulnerability. It is not currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
Exploit Status
EPSS: 0.62% (70th percentile)
CVSS Vector
The primary mitigation for CVE-2020-5320 is to upgrade to Dell EMC OpenManage Enterprise version 3.20 or later. If immediate upgrade is not possible, consider restricting access to the vulnerable endpoints and implementing strict input validation to prevent SQL injection attempts. Review existing user accounts and permissions to ensure that only authorized personnel have access to the OME interface. Monitor system logs for suspicious SQL activity and implement a Web Application Firewall (WAF) with SQL injection protection rules. After upgrade, confirm the vulnerability is resolved by attempting a SQL injection attack on the vulnerable endpoint and verifying that it is blocked.
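The root cause class behind this advisory, and the "strict input validation" interim measure above, are easiest to see side by side. The following is an added illustration written for this page, not code from Dell, OpenManage Enterprise or the advisory: it uses a constructed in-memory SQLite table standing in for a management database, shows why string-spliced SQL lets a crafted value change the query's meaning, and contrasts it with a parameterized statement plus an allowlist check on the input. The table name, columns and device-name pattern are assumptions chosen for the example.

```python
import re
import sqlite3

# Constructed sample data for this example only; this is not OME's real schema.
SAMPLE_DEVICES = [
    ("srv-01", "PowerEdge", "healthy"),
    ("srv-02", "PowerEdge", "warning"),
    ("sw-01", "Switch", "healthy"),
]


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE devices (name TEXT, model TEXT, status TEXT)")
    conn.executemany("INSERT INTO devices VALUES (?, ?, ?)", SAMPLE_DEVICES)
    return conn


def find_by_name_unsafe(conn, name):
    """Anti-pattern: the caller's value is spliced into the statement text,
    so quote characters in `name` become part of the SQL grammar."""
    sql = "SELECT name FROM devices WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_by_name_safe(conn, name):
    """Parameterized statement: the driver sends `name` as a bound value,
    so it can only ever be compared as data, never parsed as SQL."""
    rows = conn.execute("SELECT name FROM devices WHERE name = ?", (name,))
    return [row[0] for row in rows]


# Assumed allowlist for device names: alphanumerics, dot, underscore, hyphen.
NAME_PATTERN = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")


def validate_name(name):
    """Allowlist check applied before the value reaches the database layer.
    This is defence in depth; it does not replace parameterization."""
    return bool(NAME_PATTERN.match(name))


def lookup(conn, name):
    """Hardened entry point: validate first, then query with bound parameters."""
    if not validate_name(name):
        raise ValueError("rejected device name")
    return find_by_name_safe(conn, name)


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"
    print("unsafe:", find_by_name_unsafe(db, crafted))  # every row comes back
    print("safe:  ", find_by_name_safe(db, crafted))    # no row has that literal name
    print("valid: ", validate_name(crafted))            # False: rejected before the query
```

With the constructed rows, the spliced query returns all three devices for a value that is not a device name at all, while the parameterized query returns nothing for the same value; the allowlist rejects it before any query runs. A WAF rule can catch the obvious shapes of such input, but only the parameterized form removes the underlying defect, which is why the page's primary recommendation is the vendor upgrade rather than the interim controls.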
Update Dell EMC OpenManage Enterprise to version 3.2 or later. This will fix the SQL injection vulnerability. Consult the Dell security advisory for more details and specific instructions.
CVE-2020-5320 is a critical SQL injection vulnerability affecting Dell EMC OpenManage Enterprise versions up to 3.20. A remote, authenticated attacker can execute SQL commands, potentially gaining unauthorized access.
You are affected if you are running Dell EMC OpenManage Enterprise versions 3.20 or earlier, or OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00.
Upgrade to Dell EMC OpenManage Enterprise version 3.20 or later to resolve the vulnerability. Consider input validation and WAF rules as temporary mitigations.
There is no current evidence of active exploitation, but the vulnerability's severity warrants immediate attention and remediation.
Refer to the Dell Security Advisory for CVE-2020-5320: https://www.dell.com/support/kbdoc/en-us/00018138/security-update-for-dell-emc-openmanage-enterprise-sql-injection-vulnerability