Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-28961

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to obtain credentials leading to unauthorized access with elevated privileges. This could lead to further attacks, thus Dell recommends customers to upgrade at the earliest opportunity.

Published

2024-04-29T09:15:07.477

Last Modified

2025-02-03T20:52:51.730

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-256
Type: Primary
CWE-522

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	dell	openmanage_enterprise	4.0	Yes
Application	dell	openmanage_enterprise	4.0.1	Yes

References

https://www.dell.com/support/kbdoc/en-us/000224251/dsa-2024-184-security-update-for-dell-openmanage-enterprise-vulnerability Vendor Advisory ([email protected])
https://www.dell.com/support/kbdoc/en-us/000224251/dsa-2024-184-security-update-for-dell-openmanage-enterprise-vulnerability Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)