Security Bypass Vulnerability in Dell OpenManage Enterprise-Modular
CVE-2021-21530

8.3HIGH

Key Information:

Vendor: Dell
Status: Openmanage Enterprise
Vendor: CVE Published:; 30 April 2021

Summary

Dell OpenManage Enterprise-Modular (OME-M) prior to version 1.30.00 suffers from a security bypass vulnerability. This issue allows an authenticated attacker with low-level privileges to escape the restricted environment, potentially leading to unauthorized access to sensitive information and the possibility of privilege escalation. It is crucial for users of OME-M to implement the latest updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

OpenManage Enterprise < 1.30.00

References

https://www.dell.com/support/kbdoc/000185205

x_refsource_MISC

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 30, 2021
Vulnerability Reserved
Jan 4, 2021