DSA-2021-060: Dell OpenManage Enterprise-Modular (OME-M) Security Update for a Bypass Vulnerability
Dell OpenManage Enterprise-Modular (OME-M) remediation is available for a security bypass vulnerability that may be exploited to compromise the affected systems.
Summary:Dell OpenManage Enterprise-Modular (OME-M) remediation is available for a security bypass vulnerability that may be exploited to compromise the affected systems.
Please select a product to check article relevancy
This article applies to This article does not apply to
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
8.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Proprietary Code CVE(s)
Description
CVSS Base Score
CVSS Vector String
CVE-2021-21530
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
8.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.