CVE-2024-28961 MEDIUM

CVE-2024-28961

Vendor Dell
Product Dell OpenManage Enterprise
Weakness CWE-256
Published April 29, 2024
Last update August 2, 2024

CVSS base score

6.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to obtain credentials leading to unauthorized access with elevated privileges. This could lead to further attacks, thus Dell recommends customers to upgrade at the earliest opportunity.

Key dates

02Disclosure timeline

April 29, 2024 CVE published
August 2, 2024 Record updated