ID CVE-2018-15767
Summary The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
References
Vulnerable Configurations
  • cpe:2.3:a:dell:openmanage_network_manager:6.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:dell:openmanage_network_manager:6.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:dell:openmanage_network_manager:6.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:dell:openmanage_network_manager:6.5.2:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE CWE-863
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 105912
exploit-db 45852
misc https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities
saint via4
bid 105912
description Dell OpenManage Network Manager MySQL vulnerability
title dell_openmanage_network_manager_mysql
type remote
Last major update 03-10-2019 - 00:03
Published 30-11-2018 - 17:29
Last modified 03-10-2019 - 00:03
Back to Top