Security News > 2021 > July > Dell Patches Critical Vulnerabilities in OpenManage Enterprise

Dell Patches Critical Vulnerabilities in OpenManage Enterprise
2021-07-22 11:23

Patches released this week by Dell for its OpenManage Enterprise product address multiple critical-severity vulnerabilities.

A systems management and monitoring application, Dell OpenManage Enterprise provides administrators with a comprehensive view of Dell EMC servers, network switches, and storage in their environment.

Another critical vulnerability that Dell patched in OpenManage Enterprise is CVE-2021-21585, an OS command injection bug in RACADM and IPMI tools that could allow a remote, authenticated malicious user that already has high privileges to execute arbitrary OS commands.

A third critical flaw patched in Dell OpenManage Enterprise is CVE-2021-21596, a remote code execution issue that could allow a malicious attacker that has access to the immediate subnet to access sensitive information and potentially elevate privileges.

The researchers said they discovered these vulnerabilities in July 2020, but reported them to Dell only this year.

A few other vulnerabilities that Kim and Torres discovered in OpenManage Enterprise were silently patched over the past year, according to the researchers.


News URL

http://feedproxy.google.com/~r/securityweek/~3/ONuOQRFcCvc/dell-patches-critical-vulnerabilities-openmanage-enterprise

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-09 CVE-2021-21596 Unspecified vulnerability in Dell products
Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability.
low complexity
dell
8.8
2021-08-09 CVE-2021-21585 OS Command Injection vulnerability in Dell Openmanage Enterprise
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools.
network
low complexity
dell CWE-78
critical
9.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Dell 1764 98 476 312 95 981