{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T00:44:13.186","vulnerabilities":[{"cve":{"id":"CVE-2019-3722","sourceIdentifier":"security_alert@emc.com","published":"2019-06-06T19:29:00.703","lastModified":"2024-11-21T04:42:24.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1.0.3 and prior to 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplying specially crafted document type definitions (DTDs) in an XML request."},{"lang":"es","value":"Las versiones de Dell EMC OpenManage Server Administrator (OMSA) anteriores a 9.1.0.3 y anteriores a 9.2.0.4 contienen una vulnerabilidad de inyección de entidad externa XML (XXE). Un atacante remoto no identificado podría potencialmente aprovechar  esta vulnerabilidad para leer archivos arbitrarios del sistema del servidor al proporcionar definiciones de tipo de documento especialmente diseñadas (DTD) en una solicitud XML."}],"metrics":{"cvssMetricV30":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1:*:*:*:*:*:*:*","matchCriteriaId":"27A15630-3C36-4160-99E2-76B8B29EC6E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"F0464BDE-2461-4ECB-BA4E-4E92A80F6808"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_openmanage_server_administrator:9.1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"C76D0E62-E7CB-43DE-90B4-FF92D4AFC9DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2:*:*:*:*:*:*:*","matchCriteriaId":"C3463683-F756-4581-A39C-24AA74982242"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"729D5479-F7ED-48DF-A206-62A2EAFFCF43"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_openmanage_server_administrator:9.2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"0C66F3E6-465A-4465-A686-0698E81062ED"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/108685","source":"security_alert@emc.com","tags":["Third Party Advisory"]},{"url":"https://www.dell.com/support/article/us/en/04/sln317441/dsa-2019-074-dell-emc-openmanage-server-administrator-multiple-vulnerabilities?lang=en","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/108685","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dell.com/support/article/us/en/04/sln317441/dsa-2019-074-dell-emc-openmanage-server-administrator-multiple-vulnerabilities?lang=en","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}