2 results (0.004 seconds)

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-28979

https://notcve.org/view.php?id=CVE-2024-28979

Dell OpenManage Enterprise, versions prior to 4.1.0, contains an XSS injection vulnerability in UI. A high privileged local attacker could potentially exploit this vulnerability, leading to JavaScript injection. Dell OpenManage Enterprise, versiones anteriores a la 4.1.0, contiene una vulnerabilidad de inyección XSS en la interfaz de usuario. Un atacante local con privilegios elevados podría explotar esta vulnerabilidad, lo que provocaría una inyección de JavaScript. Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. • https://www.dell.com/support/kbdoc/en-us/000224642/dsa-2024-202-security-update-for-dell-openmanage-enterprise-vulnerability • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2024-28978

https://notcve.org/view.php?id=CVE-2024-28978

Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control vulnerability. A high privileged remote attacker could potentially exploit this vulnerability, leading to unauthorized access to resources. Dell OpenManage Enterprise, versiones 3.10 y 4.0, contiene una vulnerabilidad de control de acceso inadecuado. Un atacante remoto con privilegios elevados podría explotar esta vulnerabilidad, lo que provocaría un acceso no autorizado a los recursos. • https://www.dell.com/support/kbdoc/en-us/000224641/dsa-2024-201-security-update-for-dell-openmanage-enterprise-vulnerability • CWE-284: Improper Access Control •