Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28979 | 1 Dell | 1 Openmanage Enterprise | 2024-08-20 | N/A | 4.8 MEDIUM |
| Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection. | |||||
| CVE-2024-28978 | 1 Dell | 1 Openmanage Enterprise | 2024-05-23 | N/A | 6.5 MEDIUM |
| Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources. | |||||
| CVE-2022-26857 | 1 Dell | 1 Openmanage Enterprise | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass blocked functionalities and perform unauthorized actions. | |||||
| CVE-2021-21564 | 1 Dell | 1 Openmanage Enterprise | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data. | |||||
| CVE-2021-21585 | 1 Dell | 1 Openmanage Enterprise | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands. | |||||
| CVE-2021-21584 | 1 Dell | 2 Openmanage Enterprise, Openmanage Enterprise-modular | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials. | |||||
| CVE-2021-21596 | 1 Dell | 2 Openmanage Enterprise, Openmanage Enterprise-modular | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
| Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges. | |||||