CVE-2019-3721

Опубликовано: 25 апр. 2019

Источник: nvd

CVSS3: 4.3

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to compress each of the requested bytes, resulting in a crash due to excessive memory consumption and preventing users from accessing the system.

Ссылки

http://www.securityfocus.com/bid/108092
Broken Link
Third Party Advisory
VDB Entry
https://www.dell.com/support/article/us/en/04/sln316915/dsa-2019-060-dell-emc-open-manage-system-administrator-multiple-vulnerabilities?lang=en
Vendor Advisory
http://www.securityfocus.com/bid/108092
Broken Link
Third Party Advisory
VDB Entry
https://www.dell.com/support/article/us/en/04/sln316915/dsa-2019-060-dell-emc-open-manage-system-administrator-multiple-vulnerabilities?lang=en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:emc_openmanage_server_administrator:*:*:*:*:*:*:*:*

Версия до 9.3.0 (исключая)

EPSS

Процентиль: 66%

0.00513

Низкий

4.3 Medium

CVSS3

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-770

Связанные уязвимости

GHSA-v279-g8wh-682w

CVSS3: 7.5

github

больше 3 лет назад

EPSS

Процентиль: 66%

0.00513

Низкий

4.3 Medium

CVSS3

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-770