Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles
DSA-2021-060: Dell OpenManage Enterprise-Modular (OME-M) Security Update for a Bypass Vulnerability
Summary:Dell OpenManage Enterprise-Modular (OME-M) remediation is available for a security bypass vulnerability that may be exploited to compromise the affected systems.
Please select a product to check article relevancy
This article applies to This article does not apply toThis article is not tied to any specific product.Not all product versions are identified in this article.
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
8.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Proprietary Code CVE(s)
Description
CVSS Base Score
CVSS Vector String
CVE-2021-21530
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
8.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.