CVE-2024-45767

Name of the Vulnerable Software and Affected Versions: Dell OpenManage Enterprise versions OME 4.1 and prior

Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as SQL Injection. This could allow a low-privileged attacker with remote access to potentially exploit the vulnerability, leading to information disclosure.

Recommendations: For Dell OpenManage Enterprise versions OME 4.1 and prior, consider restricting access to the SQL command functionality until a patch is available. As a temporary workaround, avoid using user-input data in SQL commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.