Vulnerabilities > CVE-2024-37130 - Unspecified vulnerability in Dell Openmanage Server Administrator

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dell

NVD

Published: 2024-06-11

Updated: 2025-01-09

Summary

Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains a Local Privilege Escalation vulnerability via XSL Hijacking. A local low-privileged malicious user could potentially exploit this vulnerability and escalate their privilege to the admin user and gain full control of the machine. Exploitation may lead to a complete system compromise.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Openmanage Server Administrator 1.00.0000 Dell Openmanage Server Administrator 4.3.0 Dell Openmanage Server Administrator 4.4.0 Dell Openmanage Server Administrator 4.5.0 Dell Openmanage Server Administrator 5.0.0 Dell Openmanage Server Administrator 5.1.0 Dell Openmanage Server Administrator 5.1.0.1 Dell Openmanage Server Administrator 5.2.0 Dell Openmanage Server Administrator 5.3.0 Dell Openmanage Server Administrator 5.4.0 Dell Openmanage Server Administrator 5.5.0 Dell Openmanage Server Administrator 5.5.0.1 Dell Openmanage Server Administrator 6.2.0 Dell Openmanage Server Administrator 6.3.0 Dell Openmanage Server Administrator 6.4.0 Dell Openmanage Server Administrator 6.5.0 Dell Openmanage Server Administrator 6.5.0.1 Dell Openmanage Server Administrator 7.0.0 Dell Openmanage Server Administrator 7.0.0.1 Dell Openmanage Server Administrator 7.1.0 Dell Openmanage Server Administrator 7.1.0.1 Dell Openmanage Server Administrator 7.2.0 Dell Openmanage Server Administrator 7.3.0 Dell Openmanage Server Administrator 8.2 Dell Openmanage Server Administrator 9.4.0.3 Dell Openmanage Server Administrator 9.5.0.0 Dell Openmanage Server Administrator 9.5.0.1	27

Summary

Vulnerable Configurations

References