3 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper access control vulnerability. A remote low privileged user could potentially exploit this vulnerability via the HTTP GET method leading to unauthorized action with elevated privileges. • https://www.dell.com/support/kbdoc/en-us/000258320/dsa-2024-481-security-update-for-dell-openmanage-server-administrator-omsa-vulnerability • CWE-862: Missing Authorization •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileged malicious user could potentially exploit this vulnerability to load any web plugins or Java class leading to the possibility of altering the behavior of certain apps/OS or Denial of Service. • https://www.dell.com/support/kbdoc/en-us/000258320/dsa-2024-481-security-update-for-dell-openmanage-server-administrator-omsa-vulnerability • CWE-20: Improper Input Validation •

CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise. Dell OpenManage Server Administrator, versiones 11.0.1.0 y anteriores, contiene una vulnerabilidad de escalada de privilegios locales mediante secuestro XSL. Un usuario malintencionado local con pocos privilegios podría explotar esta vulnerabilidad y escalar sus privilegios al usuario administrador y obtener el control total de la máquina. • https://www.dell.com/support/kbdoc/en-us/000225914/dsa-2024-264-dell-openmanage-server-administrator-omsa-security-update-for-local-privilege-escalation-via-xsl-hijacking-vulnerability • CWE-427: Uncontrolled Search Path Element •