平台
dell
组件
dell-emc-openmanage-enterprise
修复版本
3.20
CVE-2020-5320 describes a SQL injection vulnerability present in Dell EMC OpenManage Enterprise (OME) and OpenManage Enterprise-Modular (OME-M) versions prior to 3.2 and 1.10.00 respectively. This vulnerability allows a remote, authenticated attacker with high privileges to inject malicious SQL commands. Affected versions include OME versions up to and including 3.20. The vulnerability is resolved in version 3.20.
Successful exploitation of CVE-2020-5320 could grant an attacker unauthorized access to sensitive data stored within the OpenManage Enterprise database. An attacker could potentially read, modify, or delete data, including user credentials, system configurations, and performance metrics. The ability to execute arbitrary SQL commands also opens the door to privilege escalation, allowing the attacker to gain control over the entire system. While the vulnerability requires authentication with high privileges, the potential impact is significant, particularly in environments where OME is used for centralized management and monitoring of critical infrastructure.
CVE-2020-5320 was publicly disclosed on July 19, 2021. The vulnerability has a CRITICAL CVSS score of 9.0. There is no indication of active exploitation campaigns at this time, but the ease of exploitation and potential impact make it a high-priority vulnerability. No KEV listing is currently available.
Organizations utilizing Dell EMC OpenManage Enterprise for server management and monitoring are at risk, particularly those running versions prior to 3.20. Environments with shared hosting configurations or legacy systems with outdated software versions are especially vulnerable. Administrators who have not implemented robust access controls and input validation measures are also at increased risk.
• dell / server:
journalctl -u openmanage_enterprise | grep -i "SQL injection"• generic web:
curl -I 'https://<ome_ip>/<vulnerable_endpoint>' | grep 'SQL injection'discovery
disclosure
patch
漏洞利用状态
EPSS
0.62% (70% 百分位)
CVSS 向量
The primary mitigation for CVE-2020-5320 is to upgrade to Dell EMC OpenManage Enterprise version 3.20 or later. If immediate upgrade is not possible, consider restricting access to the vulnerable endpoints and implementing strict input validation to prevent SQL injection attempts. Review existing user accounts and permissions to ensure that only authorized personnel have access to the OME interface. Monitor system logs for suspicious SQL activity and implement a Web Application Firewall (WAF) with SQL injection protection rules. After upgrade, confirm the vulnerability is resolved by attempting a SQL injection attack on the vulnerable endpoint and verifying that it is blocked.
Actualice Dell EMC OpenManage Enterprise a la versión 3.2 o posterior. Esto solucionará la vulnerabilidad de inyección SQL. Consulte el aviso de seguridad de Dell para obtener más detalles e instrucciones específicas.
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2020-5320 is a critical SQL injection vulnerability affecting Dell EMC OpenManage Enterprise versions up to 3.20. A remote, authenticated attacker can execute SQL commands, potentially gaining unauthorized access.
You are affected if you are running Dell EMC OpenManage Enterprise versions 3.20 or earlier, or OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00.
Upgrade to Dell EMC OpenManage Enterprise version 3.20 or later to resolve the vulnerability. Consider input validation and WAF rules as temporary mitigations.
There is no current evidence of active exploitation, but the vulnerability's severity warrants immediate attention and remediation.
Refer to the Dell Security Advisory for CVE-2020-5320: https://www.dell.com/support/kbdoc/en-us/00018138/security-update-for-dell-emc-openmanage-enterprise-sql-injection-vulnerability