Article Number: 000224641
DSA-2024-201: Security Update for Dell OpenManage Enterprise Vulnerability
Summary: Dell OpenManage Enterprise remediation is available for improper access control vulnerability that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
Medium
Details
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-28978 | Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources. | 5.2 | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N  |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2024-28978 | Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources. | 5.2 | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N |
Affected Products and Remediation
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell OpenManage Enterprise | Versions 3.10 and 4.0 | 4.1.0 | Support for Dell OpenManage Enterprise | Dell US |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell OpenManage Enterprise | Versions 3.10 and 4.0 | 4.1.0 | Support for Dell OpenManage Enterprise | Dell US |
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2024-04-30 | Initial release |
Related Information
Legal Information
Article Properties
Affected Product
Dell OpenManage Enterprise
Last Published Date
30 Apr 2024
Article Type
Dell Security Advisory