CVE-2018-15768

Опубликовано: 30 нояб. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Средний

Описание

Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.

Ссылки

http://www.securityfocus.com/bid/105914
Third Party Advisory
VDB Entry
https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities
Mitigation
Vendor Advisory
https://www.exploit-db.com/exploits/45852/
Exploit
Mitigation
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/105914
Third Party Advisory
VDB Entry
https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities
Mitigation
Vendor Advisory
https://www.exploit-db.com/exploits/45852/
Exploit
Mitigation
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:openmanage_network_manager:*:*:*:*:*:*:*:*

Версия до 6.5.0 (исключая)

EPSS

Процентиль: 96%

0.24235

Средний

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-732

Связанные уязвимости

GHSA-grg9-5jg7-hgw6