DSA-2024-481: Security Update for Dell OpenManage Server Administrator (OMSA) Vulnerabilities
Oversigt: Dell OpenManage Server Administrator (OMSA) remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Denne artikel gælder for
Denne artikel gælder ikke for
Denne artikel er ikke knyttet til et bestemt produkt.
Det er ikke alle produktversioner, der er identificeret i denne artikel.
Virkning
Medium
Oplysninger
|
Proprietary Code CVE |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-45760 |
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. A remote low privileged user could potentially exploit this vulnerability via the HTTP GET method leading to unauthorized action with elevated privileges. |
4.3 |
|
|
CVE-2024-45761 |
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileged malicious user could potentially exploit this vulnerability to load any web plugins or Java class leading to the possibility of altering the behavior of certain apps/OS or Denial of Service. |
5.4 |
|
Proprietary Code CVE |
Description |
CVSS Base Score |
CVSS Vector String |
|
CVE-2024-45760 |
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. A remote low privileged user could potentially exploit this vulnerability via the HTTP GET method leading to unauthorized action with elevated privileges. |
4.3 |
|
|
CVE-2024-45761 |
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileged malicious user could potentially exploit this vulnerability to load any web plugins or Java class leading to the possibility of altering the behavior of certain apps/OS or Denial of Service. |
5.4 |
Berørte produkter og udbedring
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell OpenManage Server Administrator Managed Node for Windows |
Version 11.0.1.0 and prior |
11.1.0.0 |
https://www.dell.com/support/home/drivers/DriversDetails?driverid=W3318 |
|
Dell OpenManage Server Administrator Managed Node (Linux Consolidated) |
Version 11.0.1.0 and prior |
11.1.0.0 |
https://www.dell.com/support/home/drivers/driversdetails?driverId=30R6G |
|
Dell Systems Management Tools and Documentation DVD ISO |
Version 11.0.1.0 and prior |
11.1.0.0 |
https://www.dell.com/support/home/drivers/driversdetails?driverId=PW8WM |
|
Product |
Affected Versions |
Remediated Versions |
Link |
|
Dell OpenManage Server Administrator Managed Node for Windows |
Version 11.0.1.0 and prior |
11.1.0.0 |
https://www.dell.com/support/home/drivers/DriversDetails?driverid=W3318 |
|
Dell OpenManage Server Administrator Managed Node (Linux Consolidated) |
Version 11.0.1.0 and prior |
11.1.0.0 |
https://www.dell.com/support/home/drivers/driversdetails?driverId=30R6G |
|
Dell Systems Management Tools and Documentation DVD ISO |
Version 11.0.1.0 and prior |
11.1.0.0 |
https://www.dell.com/support/home/drivers/driversdetails?driverId=PW8WM |
Revisionshistorik
|
Revision |
Date |
Description |
|
1.0 |
2024-12-09 |
Initial Release |
|
2.0 |
2025-04-29 |
Fixed broken link for Dell OpenManage Server Administrator Managed Node for Windows |
Relaterede oplysninger
Ansvarsfraskrivelse
Berørte produkter
OpenManage Server AdministratorArtikelegenskaber
Artikelnummer: 000258320
Artikeltype: Dell Security Advisory
Senest ændret: 29 apr. 2025
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.