CVE-2021-21530 HIGH

CVE-2021-21530

Vendor Dell
Product OpenManage Enterprise
Weakness CWE-78
Published April 30, 2021
Last update September 16, 2024

CVSS base score

8.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

What the vulnerability does

01Description

Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.

Key dates

02Disclosure timeline

April 30, 2021 CVE published
September 16, 2024 Record updated