Lucene search

DellCVELIST:CVE-2021-21596

HistoryAug 09, 2021 - 9:05 p.m.

CVE-2021-21596

2021-08-0921:05:31

CWE-200

dell

www.cve.org

dell

openmanage

enterprise

remote code execution

vulnerability

information disclosure

privileges

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

55.4%

JSON

Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges.

CNA Affected

[
  {
    "product": "Dell OpenManage Enterprise",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "3.6.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/000189673

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

55.4%

JSON

Related for CVELIST:CVE-2021-21596