Improper Authentication Vulnerability in Dell OpenManage Enterprise
CVE-2021-21564

9.8CRITICAL

Key Information:

Vendor: Dell
Status: Dell Openmanage Enterprise
Vendor: CVE Published:; 9 August 2021

Summary

Dell OpenManage Enterprise versions prior to 3.6.1 are impacted by an improper authentication vulnerability that allows a remote unauthenticated attacker to potentially exploit the system. By sending crafted data, the attacker could hijack an elevated session or perform unauthorized actions, leading to a breach of security protocols and unauthorized access to sensitive information. It is essential for users to upgrade to the latest version to mitigate this risk.

Affected Version(s)

Dell OpenManage Enterprise < unspecified

References

https://www.dell.com/support/kbdoc/000189673

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 9, 2021
Vulnerability Reserved
Jan 4, 2021