Improper Access Control in Dell OpenManage Server Administrator
CVE-2023-43079

7.8HIGH

Key Information:

Vendor: Dell
Status: Dell OpenManage Server Administrator
Vendor: CVE Published:; 13 October 2023

Summary

Dell OpenManage Server Administrator versions 11.0.0.0 and earlier are susceptible to an Improper Access Control vulnerability. This issue allows a local low-privileged attacker to exploit the system, potentially executing arbitrary code and achieving elevated privileges. Such exploitation could lead to a full compromise of the affected system, putting sensitive information and resources at risk.

Affected Version(s)

Dell OpenManage Server Administrator Windows 11.0.0.0 and prior

Dell OpenManage Server Administrator Windows 11.0.1.0 and prior

Dell OpenManage Server Administrator Windows 10.3.0.0 and prior

References

https://www.dell.com/support/kbdoc/en-us/000218469/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2023
Vulnerability Reserved
Sep 15, 2023

Collectors

NVD DatabaseMitre Database