334 matches found
CVE-2024-45767
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2024-45766
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
CVE-2024-45766
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
CVE-2024-45767
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2024-45767
Dell OpenManage Enterprise (OME) before 4.2.0 contains an SQL injection vulnerability due to improper neutralization of special elements in SQL commands. A low-privilege, remote attacker could cause information disclosure. Publicly documented in CVE-2024-45767 and corroborated by NVD/CVEC/Vuln en...
CVE-2024-45767
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2024-45767
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...
CVE-2024-45766
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
CVE-2024-45766
Dell OpenManage Enterprise (OME) versions 4.1 and earlier are affected by a code generation/Code Injection vulnerability that could allow a low-privileged, remote attacker to achieve code execution. The issue stems from improper controls over code generation and is documented across multiple sour...
CVE-2024-45766
Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...
Dell OpenManage Enterprise 代码注入漏洞
Dell OpenManage Enterprise is an easy-to-use, one-to-many system management console for IT infrastructure management from Dell, Inc. The software enables cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. A code injection vulnerability exists i...
Dell OpenManage Enterprise SQL注入漏洞
Dell OpenManage Enterprise is an easy-to-use, one-to-many system management console for IT infrastructure management from Dell, Inc. The software supports cost-effective, comprehensive lifecycle management of Dell EMC PowerEdge servers from a single console. A SQL injection vulnerability exists i...
PT-2024-7333
Name of the Vulnerable Software and Affected Versions: Dell OpenManage Enterprise versions OME 4.1 and prior Description: The issue is related to improper control of code generation, which could allow a remote attacker with low privileges to execute arbitrary code. This is a code injection...
Dell OpenManage POST Request Heap Overflow (win32)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dell OpenManage POST Request Heap Overflow win32', 'Description' = %q This module exploits a heap overflow in the Dell OpenManage Web Server...
CVE-2024-37130
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the...
CVE-2024-37130
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the...
CVE-2024-37130
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the...
CVE-2024-37130
CVE-2024-37130 (Dell OpenManage Server Administrator) is a Local Privilege Escalation via XSL Hijacking . Affected: Dell OpenManage Server Administrator versions 11.0.1.0 and prior . Root cause: an XSL hijack path enabling a local, low-privileged user to escalate to the admin user, potentially le...
Dell OpenManage Server Administrator Local Lift Vulnerability
Dell OpenManage Server Administrator is a server management tool for server monitoring and configuration. Dell OpenManage Server Administrator suffers from a local elevation vulnerability caused by XSL Hijacking, which can be exploited by a low-privileged attacker to elevate to administrator...
Dell OpenManage Server Administrator 代码问题漏洞
Dell OpenManage Server Administrator is a server management tool for server monitoring and configuration. Dell OpenManage Server Administrator suffers from a local elevation vulnerability caused by XSL Hijacking, which can be exploited by a low-privileged attacker to elevate to administrator...