Improper Access Control in Dell OpenManage Server Administrator
CVE-2023-43079

7.3HIGH

Key Information:

Vendor: Dell
Status: Dell Openmanage Server Administrator
Vendor: CVE Published:; 13 October 2023

What is CVE-2023-43079?

Dell OpenManage Server Administrator versions 11.0.0.0 and earlier are susceptible to an Improper Access Control vulnerability. This issue allows a local low-privileged attacker to exploit the system, potentially executing arbitrary code and achieving elevated privileges. Such exploitation could lead to a full compromise of the affected system, putting sensitive information and resources at risk.

Affected Version(s)

Dell OpenManage Server Administrator Windows 11.0.0.0 and prior

Dell OpenManage Server Administrator Windows 11.0.1.0 and prior

Dell OpenManage Server Administrator Windows 10.3.0.0 and prior

References

https://www.dell.com/support/kbdoc/en-us/000218469/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 13, 2023
Vulnerability Reserved
Sep 15, 2023