DSA-2021-060: Dell OpenManage Enterprise-Modular (OME-M) Security Update for a Bypass Vulnerability
Résumé: Dell OpenManage Enterprise-Modular (OME-M) remediation is available for a security bypass vulnerability that may be exploited to compromise the affected systems.
Cet article concerne
Cet article ne concerne pas
Cet article n’est associé à aucun produit spécifique.
Toutes les versions du produit ne sont pas identifiées dans cet article.
Impact
High
Détails
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21530 | Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege. | 8.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21530 | Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege. | 8.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H |
Produits concernés et mesure corrective
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| OpenManage Enterprise-Modular (OME-M) | Versions prior to 1.30.00 | 1.30.00 | OpenManage Enterprise Modular v1.30.00 | Driver Details | Dell US |
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| OpenManage Enterprise-Modular (OME-M) | Versions prior to 1.30.00 | 1.30.00 | OpenManage Enterprise Modular v1.30.00 | Driver Details | Dell US |
Historique des révisions
| Revision | Date | Description |
| 1.0 | 2020-04-12 | Initial Release |
Remerciements
CVE-2021-21530: Dell would like to thank Thorsten Tüllmann of Karlsruhe Institute of Technology
Informations connexes
Mention légale
Produits concernés
Dell OpenManage Enterprise-ModularProduits
Product Security InformationPropriétés de l’article
Numéro d’article: 000185205
Type d’article: Dell Security Advisory
Dernière modification: 13 avr. 2021
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.