DSA-2021-060: Dell OpenManage Enterprise-Modular (OME-M) Security Update for a Bypass Vulnerability
Oversigt: Dell OpenManage Enterprise-Modular (OME-M) remediation is available for a security bypass vulnerability that may be exploited to compromise the affected systems.
Denne artikel gælder for
Denne artikel gælder ikke for
Denne artikel er ikke knyttet til et bestemt produkt.
Det er ikke alle produktversioner, der er identificeret i denne artikel.
Virkning
High
Oplysninger
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21530 | Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege. | 8.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21530 | Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege. | 8.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H |
Berørte produkter og udbedring
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| OpenManage Enterprise-Modular (OME-M) | Versions prior to 1.30.00 | 1.30.00 | OpenManage Enterprise Modular v1.30.00 | Driver Details | Dell US |
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| OpenManage Enterprise-Modular (OME-M) | Versions prior to 1.30.00 | 1.30.00 | OpenManage Enterprise Modular v1.30.00 | Driver Details | Dell US |
Revisionshistorik
| Revision | Date | Description |
| 1.0 | 2020-04-12 | Initial Release |
Bekræftelser
CVE-2021-21530: Dell would like to thank Thorsten Tüllmann of Karlsruhe Institute of Technology
Relaterede oplysninger
Ansvarsfraskrivelse
Berørte produkter
Dell OpenManage Enterprise-ModularProdukter
Product Security InformationArtikelegenskaber
Artikelnummer: 000185205
Artikeltype: Dell Security Advisory
Senest ændret: 13 apr. 2021
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.