3.8.4

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

dell

NVD

Published: 2024-05-01

Updated: 2024-11-21

Summary

Dell OpenManage Enterprise, versions 4.1.0 and older, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Openmanage Enterprise - Dell Openmanage Enterprise 3.5 Dell Openmanage Enterprise 3.6.1 Dell Openmanage Enterprise 3.8.4	4

References

https://www.dell.com/support/kbdoc/en-us/000224642/dsa-2024-202-security-update-for-dell-openmanage-enterprise-vulnerability
https://www.dell.com/support/kbdoc/en-us/000224642/dsa-2024-202-security-update-for-dell-openmanage-enterprise-vulnerability