Filtered by vendor Dell Subscriptions
Filtered by product Openmanage Enterprise Subscriptions
Total 9 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-45766 1 Dell 1 Openmanage Enterprise 2024-12-02 8 High
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-45767 1 Dell 1 Openmanage Enterprise 2024-12-02 4.3 Medium
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2024-28979 1 Dell 1 Openmanage Enterprise 2024-11-21 5.1 Medium
Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
CVE-2024-28978 1 Dell 1 Openmanage Enterprise 2024-11-21 5.2 Medium
Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources.
CVE-2022-26857 1 Dell 1 Openmanage Enterprise 2024-11-21 9 Critical
Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to bypass blocked functionalities and perform unauthorized actions.
CVE-2021-21596 1 Dell 2 Openmanage Enterprise, Openmanage Enterprise-modular 2024-11-21 9.6 Critical
Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges.
CVE-2021-21585 1 Dell 1 Openmanage Enterprise 2024-11-21 9.1 Critical
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.
CVE-2021-21584 1 Dell 2 Openmanage Enterprise, Openmanage Enterprise-modular 2024-11-21 7.7 High
Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials.
CVE-2021-21564 1 Dell 1 Openmanage Enterprise 2024-11-21 9.8 Critical
Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data.