PT-2021-14639 · Dell · Dell Openmanage Enterprise+1
Alexandre Torres +1 · Published 2021-08-09 · Updated 2022-10-24 · CVE-2021-21596
CVSS v3.1: 9.6 (Critical)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Dell OpenManage Enterprise versions 3.4 through 3.6.1
Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00
Description
The issue is a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability, leading to information disclosure and a possible elevation of privileges.
Recommendations
For Dell OpenManage Enterprise versions 3.4 through 3.6.1, update to a version outside of this range to mitigate the risk.
For Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, update to a version outside of this range to mitigate the risk.
As a temporary workaround, consider restricting access to the subnet to minimize the risk of exploitation.
Fix
Information Disclosure
Affected Products
Dell Openmanage Enterprise
Dell Emc Openmanage Enterprise-Modular