DSA-2023-367: Dell OpenManage Server Administrator (OMSA) Security Update for Multiple Vulnerabilities.

Sammendrag: Dell OpenManage Server Administrator (OMSA) remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Denne artikkelen gjelder for Denne artikkelen gjelder ikke for Denne artikkelen er ikke knyttet til noe bestemt produkt. Det er ikke produktversjonene som identifiseres i denne artikkelen.
Ta en titt på andre ressurser

Påvirkning

High

Detaljer

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-43079This hyperlink is taking you to a website outside of Dell Technologies. Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system.Exploitation may lead to a complete system compromise. 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-43079This hyperlink is taking you to a website outside of Dell Technologies. Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system.Exploitation may lead to a complete system compromise. 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies anbefaler at alle kunder tar hensyn til både grunnpoengsummen og alle relevante, midlertidige og miljømessige resultater som kan påvirke den potensielle alvorlighetsgraden knyttet til bestemte sikkerhetsproblemer.

Berørte produkter og utbedring

 
CVEs Addressed Product Affected Versions Remediated Versions Link
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.0.0
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.1.0 and prior 11.0.1.0,A00 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.1.0 and prior 11.0.1.0,A00 Dell Systems Management Tools and Documentation DVD ISO, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.1.0 and prior 11.0.1.0,A00 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.1.0

 
CVEs Addressed Product Affected Versions Remediated Versions Link
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.0.0
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.1.0 and prior 11.0.1.0,A00 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.1.0 and prior 11.0.1.0,A00 Dell Systems Management Tools and Documentation DVD ISO, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.1.0 and prior 11.0.1.0,A00 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.1.0

Endelige og midlertidige løsninger

None

Endringshistorikk

RevisionDateDescription
1.02023-03-10Initial Release
2.0 2023-13-10Corrected URL in the CVSS Vector String and removed extra whitespace in the CVE description.
3.0 2023-13-10Enhanced for presentation with no changes to content
4.02024-05-31Updated the Remediated Versions from 11.0.1.0,A01 to 11.0.1.0,A00 for the Affected Version 11.0.1.0 and prior.  

Bekreftelser

Dell Technologies would like to thank Gee-netics for reporting this issue.
 

Relatert informasjon

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridisk ansvarsfraskrivelse

Berørte produkter

OpenManage Server Administrator, Dell OpenManage Server Administrator Version 8.4, Dell OpenManage Server Administrator Version 8.5, Dell OpenManage Server Administrator Version 9.0.1, Dell OpenManage Server Administrator Version 9.0.2 , Dell OpenManage Server Administrator Version 9.1, Dell OpenManage Server Administrator Version 8.3, Dell OpenManage Server Administrator Managed Node for Dell Fluid Cache for DAS, Dell OpenManage Server Administrator Version 2.3, Dell OpenManage Server Administrator Version 5.0, Dell OpenManage Server Administrator Version 5.1, Dell OpenManage Server Administrator Version 5.2, Dell OpenManage Server Administrator Version 5.3, Dell OpenManage Server Administrator Version 5.4, Dell OpenManage Server Administrator Version 5.5, Dell OpenManage Server Administrator Version 6.0.1, Dell OpenManage Server Administrator Version 6.0.3, Dell OpenManage Server Administrator Version 6.1, Dell OpenManage Server Administrator Version 6.1.1, Dell OpenManage Server Administrator Version 6.2, Dell OpenManage Server Administrator Version 6.3, Dell OpenManage Server Administrator Version 6.4, Dell OpenManage Server Administrator Version 6.5, Dell OpenManage Server Administrator Version 6.5 A02, Dell OpenManage Server Administrator Version 7.0, Dell OpenManage Server Administrator Version 7.1, Dell OpenManage Server Administrator Version 7.2, Dell OpenManage Server Administrator Version 7.3, Dell OpenManage Server Administrator Version 7.4, Dell OpenManage Server Administrator Version 8.0.1, Dell OpenManage Server Administrator Version 8.0.2, Dell OpenManage Server Administrator Version 8.1, Dell OpenManage Server Administrator Version 8.2, Dell OpenManage Server Administrator Version 9.1.1, Dell OpenManage Server Administrator Version 10.0.1, Dell OpenManage Server Administrator Version 10.1.0.0, Dell OpenManage Server Administrator Version 10.2.0.0, Dell OpenManage Server Administrator Version 9.1.2, Dell OpenManage Server Administrator Version 9.2, Dell OpenManage Server Administrator Version 9.2.1, Dell OpenManage Server Administrator Version 9.3, Dell OpenManage Server Administrator Version 9.3.1, Dell OpenManage Server Administrator Version 9.3.2, Dell OpenManage Server Administrator Version 9.4, Dell OpenManage Server Administrator Version 9.5 ...
Artikkelegenskaper
Artikkelnummer: 000218469
Artikkeltype: Dell Security Advisory
Sist endret: 31 mai 2024
Få svar på spørsmålene dine fra andre Dell-brukere
Støttetjenester
Sjekk om enheten din er dekket av støttetjenestene.