Dell OpenManage Enterprise Vulnerability Could Lead to Unauthorized Access
CVE-2024-28961

7.8HIGH

Key Information:

Vendor: Dell
Status: Openmanage Enterprise
Vendor: CVE Published:; 29 April 2024

What is CVE-2024-28961?

Dell OpenManage Enterprise versions 4.0.0 and 4.0.1 are susceptible to a vulnerability that allows local low-privileged users to gain access to sensitive information. If exploited, this vulnerability could enable attackers to acquire credentials, resulting in unauthorized access with elevated privileges. The potential for further attacks underscores the importance of promptly updating to patched versions to secure systems against unauthorized exploitation. Dell advises all users to upgrade as soon as possible to mitigate these risks.

References

https://www.dell.com/support/kbdoc/en-us/000224251/dsa-20...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 29, 2024