DSA-2025-257: Security Update for Dell OpenManage Network Integration (OMNI) Vulnerabilities

Résumé: Dell Open Manage Network Integration remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

High

Détails

Third-party Component 

CVEs 

More Information 

openssh

CVE-2025-26465, CVE-2025-32728

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

rubygems

CVE-2021-43809, CVE-2023-28755, CVE-2025-27221

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

krb5

CVE-2025-3576, CVE-2025-24528

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

postgresql-13

CVE-2025-1094, CVE-2025-4207

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

net-tools

CVE-2025-46836

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

tiff

CVE-2023-2908, CVE-2023-3316, CVE-2023-3618, CVE-2023-25433, CVE-2023-26965, CVE-2023-26966, CVE-2023-52356, CVE-2024-7006

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

ruby2.7

CVE-2024-35176, CVE-2024-39908, CVE-2024-41123, CVE-2024-41946, CVE-2024-43398, CVE-2024-49761, CVE-2025-27219, CVE-2025-27220, CVE-2025-27221

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

git

CVE-2024-50349, CVE-2024-52006

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

bind9

CVE-2024-11187

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libtasn1-6

CVE-2024-12133

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

gnutls28

CVE-2024-12243

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libxml2

CVE-2022-49043, CVE-2023-39615, CVE-2023-45322, CVE-2024-25062, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2025-32414 CVE-2025-32415

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

mariadb-10.5

CVE-2025-21490, CVE-2025-30693, CVE-2025-30722

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

mercurial

CVE-2025-2361

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libcap2

CVE-2023-2602, CVE-2023-2603, CVE-2025-1390

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

python3.9

CVE-2022-0391, CVE-2025-0938, CVE-2025-1795

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

vim

CVE-2021-3872, CVE-2021-4019, CVE-2021-4173, CVE-2021-4187, CVE-2022-0261, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361,  CVE-2022-0392, CVE-2022-0417, CVE-2022-0572, CVE-2022-1616, CVE-2022-1785, CVE-2022-1897, CVE-2022-1942, CVE-2022-2000, CVE-2022-2129, CVE-2022-2304, CVE-2022-3099, CVE-2022-3134, CVE-2022-3324, CVE-2022-4141, CVE-2023-0054, CVE-2023-1175, CVE-2023-2610, CVE-2023-4738, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2024-22667, CVE-2024-43802, CVE-2024-47814

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

openjpeg2

CVE-2021-3575, CVE-2021-29338, CVE-2022-1122, CVE-2024-56826, CVE-2024-56827

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

freetype

CVE-2025-27363

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

wpa

CVE-2022-23303, CVE-2022-23304, CVE-2022-37660

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

shadow

CVE-2023-4641, CVE-2023-29383

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

wget

CVE-2024-38428

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libbpf

CVE-2022-3534, CVE-2022-3606

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

glibc

 CVE-2025-0395, CVE-2025-4802

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

expat

CVE-2024-50602

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

containerd

CVE-2024-40635

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

api container

CVE-2024-28085, CVE-2021-3610, CVE-2024-37370, CVE-2024-2961, CVE-2024-2398, CVE-2022-48622, CVE-2024-0553, CVE-2024-37370, CVE-2023-30861, CVE-2023-25577, CVE-2021-23727, CVE-2024-1135, CVE-2022-40897

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

open-vm-tools

CVE-2025-22247

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

linux kernel

CVE-2021-47469, CVE-2023-52530, CVE-2023-52917, CVE-2024-26921, CVE-2024-27017, CVE-2024-27072, CVE-2024-35965, CVE-2024-35966, CVE-2024-36476, CVE-2024-36899, CVE-2024-38538, CVE-2024-38544, CVE-2024-38588, CVE-2024-38591, CVE-2024-39497, CVE-2024-40953, CVE-2024-41016, CVE-2024-41060, CVE-2024-41080, CVE-2024-42315, CVE-2024-43098, CVE-2024-44931, CVE-2024-44940, CVE-2024-46695, CVE-2024-46809, CVE-2024-46841, CVE-2024-46849, CVE-2024-46853, CVE-2024-46854, CVE-2024-46858, CVE-2024-46865, CVE-2024-47143, CVE-2024-47670, CVE-2024-47671, CVE-2024-47672, CVE-2024-47674, CVE-2024-47679, CVE-2024-47684, CVE-2024-47685, CVE-2024-47692, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47701, CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709, CVE-2024-47710, CVE-2024-47712, CVE-2024-47713, CVE-2024-47718, CVE-2024-47723, CVE-2024-47735, CVE-2024-47737, CVE-2024-47739, CVE-2024-47740, CVE-2024-47742, CVE-2024-47748, CVE-2024-47749, CVE-2024-47756, CVE-2024-47757, CVE-2024-48881, CVE-2024-49851, CVE-2024-49858, CVE-2024-49860, CVE-2024-49863, CVE-2024-49867, CVE-2024-49868, CVE-2024-49875, CVE-2024-49877, CVE-2024-49878, CVE-2024-49879, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49884, CVE-2024-49889, CVE-2024-49890, CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896, CVE-2024-49900, CVE-2024-49902, CVE-2024-49903, CVE-2024-49907, CVE-2024-49913, CVE-2024-49930, CVE-2024-49933, CVE-2024-49936, CVE-2024-49938, CVE-2024-49944, CVE-2024-49948, CVE-2024-49949, CVE-2024-49952, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958, CVE-2024-49959, CVE-2024-49962, CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49969, CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49977, CVE-2024-49981, CVE-2024-49982, CVE-2024-49983, CVE-2024-49985, CVE-2024-49995, CVE-2024-49996, CVE-2024-50001, CVE-2024-50006, CVE-2024-50007, CVE-2024-50008, CVE-2024-50010, CVE-2024-50013, CVE-2024-50015, CVE-2024-50024, CVE-2024-50033, CVE-2024-50035, CVE-2024-50036, CVE-2024-50039, CVE-2024-50040, CVE-2024-50044, CVE-2024-50045, CVE-2024-50046, CVE-2024-50049, CVE-2024-50055, CVE-2024-50058, CVE-2024-50059, CVE-2024-50072, CVE-2024-50074, CVE-2024-50082, CVE-2024-50083, CVE-2024-50095, CVE-2024-50096, CVE-2024-50099, CVE-2024-50103, CVE-2024-50115, CVE-2024-50116, CVE-2024-50117, CVE-2024-50121, CVE-2024-50127, CVE-2024-50131, CVE-2024-50134, CVE-2024-50142, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151, CVE-2024-50153, CVE-2024-50167, CVE-2024-50171, CVE-2024-50179, CVE-2024-50180, CVE-2024-50181, CVE-2024-50184, CVE-2024-50185, CVE-2024-50188, CVE-2024-50192, CVE-2024-50193, CVE-2024-50194, CVE-2024-50195, CVE-2024-50198, CVE-2024-50199, CVE-2024-50201, CVE-2024-50202, CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50210, CVE-2024-50218, CVE-2024-50229, CVE-2024-50230, CVE-2024-50233, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50251, CVE-2024-50262, CVE-2024-50264, CVE-2024-50265, CVE-2024-50267, CVE-2024-50268, CVE-2024-50269, CVE-2024-50273, CVE-2024-50278, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287, CVE-2024-50290, CVE-2024-50292, CVE-2024-50295, CVE-2024-50296, CVE-2024-50299, CVE-2024-50301, CVE-2024-50302, CVE-2024-50304, CVE-2024-52332, CVE-2024-53042, CVE-2024-53052, CVE-2024-53057, CVE-2024-53059, CVE-2024-53060, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53096, CVE-2024-53097, CVE-2024-53099, CVE-2024-53101, CVE-2024-53103, CVE-2024-53104, CVE-2024-53112, CVE-2024-53119, CVE-2024-53121, CVE-2024-53124, CVE-2024-53125, CVE-2024-53127, CVE-2024-53130, CVE-2024-53131, CVE-2024-53135, CVE-2024-53136, CVE-2024-53138, CVE-2024-53140, CVE-2024-53141, CVE-2024-53142, CVE-2024-53145, CVE-2024-53146, CVE-2024-53148, CVE-2024-53150, CVE-2024-53155, CVE-2024-53156, CVE-2024-53157, CVE-2024-53158, CVE-2024-53161, CVE-2024-53164, CVE-2024-53171, CVE-2024-53172, CVE-2024-53173, CVE-2024-53174, CVE-2024-53181, CVE-2024-53183, CVE-2024-53184, CVE-2024-53194, CVE-2024-53197, CVE-2024-53198, CVE-2024-53214, CVE-2024-53217, CVE-2024-53226, CVE-2024-53227, CVE-2024-53237, CVE-2024-53239, CVE-2024-53240, CVE-2024-53241, CVE-2024-53680, CVE-2024-53685, CVE-2024-53690, CVE-2024-54031, CVE-2024-55916, CVE-2024-56531, CVE-2024-56532, CVE-2024-56533, CVE-2024-56539, CVE-2024-56548, CVE-2024-56558, CVE-2024-56562, CVE-2024-56567, CVE-2024-56568, CVE-2024-56569, CVE-2024-56570, CVE-2024-56574, CVE-2024-56576, CVE-2024-56581, CVE-2024-56586, CVE-2024-56587, CVE-2024-56589, CVE-2024-56593, CVE-2024-56594, CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598, CVE-2024-56600, CVE-2024-56601, CVE-2024-56602, CVE-2024-56603, CVE-2024-56605, CVE-2024-56606, CVE-2024-56610, CVE-2024-56615, CVE-2024-56616, CVE-2024-56619, CVE-2024-56623, CVE-2024-56629, CVE-2024-56630, CVE-2024-56631, CVE-2024-56633, CVE-2024-56634, CVE-2024-56636, CVE-2024-56637, CVE-2024-56642, CVE-2024-56643, CVE-2024-56644, CVE-2024-56645, CVE-2024-56648, CVE-2024-56650, CVE-2024-56659, CVE-2024-56661, CVE-2024-56662, CVE-2024-56670, CVE-2024-56672, CVE-2024-56681, CVE-2024-56688, CVE-2024-56690, CVE-2024-56691, CVE-2024-56694, CVE-2024-56698, CVE-2024-56700, CVE-2024-56704, CVE-2024-56705, CVE-2024-56716, CVE-2024-56720, CVE-2024-56723, CVE-2024-56724, CVE-2024-56728, CVE-2024-56739, CVE-2024-56741, CVE-2024-56747, CVE-2024-56748, CVE-2024-56754, CVE-2024-56756, CVE-2024-56759, CVE-2024-56763, CVE-2024-56766, CVE-2024-56767, CVE-2024-56769, CVE-2024-56770, CVE-2024-56779, CVE-2024-56780, CVE-2024-57791, CVE-2024-57792, CVE-2024-57802, CVE-2024-57807, CVE-2024-57850, CVE-2024-57874, CVE-2024-57884, CVE-2024-57887, CVE-2024-57889, CVE-2024-57890, CVE-2024-57892, CVE-2024-57896, CVE-2024-57900, CVE-2024-57901, CVE-2024-57902, CVE-2024-57904, CVE-2024-57906, CVE-2024-57907, CVE-2024-57908, CVE-2024-57910, CVE-2024-57911, CVE-2024-57912, CVE-2024-57913, CVE-2024-57922, CVE-2024-57929, CVE-2024-57931, CVE-2024-57938, CVE-2024-57940, CVE-2024-57946, CVE-2024-57948, CVE-2024-57951, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21646, CVE-2025-21648, CVE-2025-21653, CVE-2025-21664, CVE-2025-21666, CVE-2025-21669, CVE-2025-21678, CVE-2025-21683, CVE-2025-21687, CVE-2025-21688, CVE-2025-21689, CVE-2025-21692, CVE-2025-21694, CVE-2025-21697, CVE-2025-21699, CVE-2024-50095, CVE-2024-50095, CVE-2024-50095, CVE-2024-50095

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-36593

Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol.  An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.  

8.8

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-36593

Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol.  An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.  

8.8

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

Dell OpenManage Network Integration

Software

Versions prior to 3.8

Version 3.8 or later

Support for Dell OpenManage Network Integration

 

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

Dell OpenManage Network Integration

Software

Versions prior to 3.8

Version 3.8 or later

Support for Dell OpenManage Network Integration

 

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Historique des révisions

Revision

Date

Description

1.0

2025-06-25

Initial Release

2.0

2025-06-30

Revised CVE Description and Affected Products & Remediation table

 

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Dell OpenManage Network Integration
Propriétés de l’article
Numéro d’article: 000337238
Type d’article: Dell Security Advisory
Dernière modification: 30 Jun 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.