Hopp til hovedinnhold
  • Legg inn bestillinger raskt og enkelt
  • Vis bestillinger og spor forsendelsesstatus
  • Opprett og få tilgang til en liste over produktene dine
  • Administrer Dell EMC-områder, produkter og kontakter for produktnivå ved hjelp av virksomhetsadministrering.

Artikkelnummer: 000218469


DSA-2023-367: Dell OpenManage Server Administrator (OMSA) Security Update for Multiple Vulnerabilities.

Sammendrag: Dell OpenManage Server Administrator (OMSA) remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Artikkelinnhold


Påvirkning

High

Detaljer

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-43079This hyperlink is taking you to a website outside of Dell Technologies. Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system.Exploitation may lead to a complete system compromise. 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2023-43079This hyperlink is taking you to a website outside of Dell Technologies. Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system.Exploitation may lead to a complete system compromise. 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies anbefaler at alle kunder tar hensyn til både grunnpoengsummen og alle relevante, midlertidige og miljømessige resultater som kan påvirke den potensielle alvorlighetsgraden knyttet til bestemte sikkerhetsproblemer.

Berørte produkter og utbedring

 
CVEs Addressed Product Affected Versions Remediated Versions Link
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.0.0
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.1.0 and prior 11.0.1.0,A01 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.1.0 and prior 11.0.1.0,A01 Dell Systems Management Tools and Documentation DVD ISO, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.1.0 and prior 11.0.1.0,A01 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.1.0

 
CVEs Addressed Product Affected Versions Remediated Versions Link
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO, v11.0.0.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.0.0 and prior 11.0.0.0,A01 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.0.0
CVE-2023-43079 Dell Open Manage Server Administrator Managed Node for Windows 11.0.1.0 and prior 11.0.1.0,A01 Dell OpenManage Server Administrator Managed Node for Windows, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO 11.0.1.0 and prior 11.0.1.0,A01 Dell Systems Management Tools and Documentation DVD ISO, v11.0.1.0
CVE-2023-43079 Dell Systems Management Tools and Documentation DVD ISO For Windows 11.0.1.0 and prior 11.0.1.0,A01 Dell Systems Management Tools and Documentation DVD ISO For Windows, v11.0.1.0

Løsninger og utbedringer

None

Bekreftelser

Dell Technologies would like to thank Gee-netics for reporting this issue.
 

Endringshistorikk

RevisionDateDescription
1.02023-03-10Initial Release
2.0 2023-13-10Corrected URL in the CVSS Vector String and removed extra whitespace in the CVE description.
3.0 2023-13-10Enhanced for presentation with no changes to content

Relatert informasjon

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Artikkelegenskaper


Berørt produkt
OpenManage Server Administrator, Dell OpenManage Server Administrator Version 8.4, Dell OpenManage Server Administrator Version 8.5, Dell OpenManage Server Administrator Version 9.0.1, Dell OpenManage Server Administrator Version 9.0.2 , Dell OpenManage Server Administrator Version 9.1, Dell OpenManage Server Administrator Version 8.3, Dell OpenManage Server Administrator Managed Node for Dell Fluid Cache for DAS, Dell OpenManage Server Administrator Version 2.3, Dell OpenManage Server Administrator Version 5.0, Dell OpenManage Server Administrator Version 5.1, Dell OpenManage Server Administrator Version 5.2, Dell OpenManage Server Administrator Version 5.3, Dell OpenManage Server Administrator Version 5.4, Dell OpenManage Server Administrator Version 5.5, Dell OpenManage Server Administrator Version 6.0.1, Dell OpenManage Server Administrator Version 6.0.3, Dell OpenManage Server Administrator Version 6.1, Dell OpenManage Server Administrator Version 6.1.1, Dell OpenManage Server Administrator Version 6.2, Dell OpenManage Server Administrator Version 6.3, Dell OpenManage Server Administrator Version 6.4, Dell OpenManage Server Administrator Version 6.5, Dell OpenManage Server Administrator Version 6.5 A02, Dell OpenManage Server Administrator Version 7.0, Dell OpenManage Server Administrator Version 7.1, Dell OpenManage Server Administrator Version 7.2, Dell OpenManage Server Administrator Version 7.3, Dell OpenManage Server Administrator Version 7.4, Dell OpenManage Server Administrator Version 8.0.1, Dell OpenManage Server Administrator Version 8.0.2, Dell OpenManage Server Administrator Version 8.1, Dell OpenManage Server Administrator Version 8.2, Dell OpenManage Server Administrator Version 9.1.1, Dell OpenManage Server Administrator Version 10.0.1, Dell OpenManage Server Administrator Version 10.1.0.0, Dell OpenManage Server Administrator Version 10.2.0.0, Dell OpenManage Server Administrator Version 9.1.2, Dell OpenManage Server Administrator Version 9.2, Dell OpenManage Server Administrator Version 9.2.1, Dell OpenManage Server Administrator Version 9.3, Dell OpenManage Server Administrator Version 9.3.1, Dell OpenManage Server Administrator Version 9.3.2, Dell OpenManage Server Administrator Version 9.4, Dell OpenManage Server Administrator Version 9.5 ...
Dato for siste publisering

13 okt. 2023

Versjon

4

Artikkeltype

Dell Security Advisory