CVE-2018-15767

Опубликовано: 30 нояб. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Средний

Описание

The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.

Ссылки

http://www.securityfocus.com/bid/105912
Third Party Advisory
VDB Entry
https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities
Mitigation
Vendor Advisory
https://www.exploit-db.com/exploits/45852/
Exploit
Mitigation
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/105912
Third Party Advisory
VDB Entry
https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities
Mitigation
Vendor Advisory
https://www.exploit-db.com/exploits/45852/
Exploit
Mitigation
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:openmanage_network_manager:*:*:*:*:*:*:*:*

Версия до 6.5.3 (исключая)

EPSS

Процентиль: 97%

0.40344

Средний

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-863

Связанные уязвимости

GHSA-4f9c-xgf5-f9p3