Multiple vulnerabilities in Dell OpenManage Network Manager

Published: 2018-11-15

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2018-15767 CVE-2018-15768
CWE-ID	CWE-285 CWE-16
Exploitation vector	Network
Public exploit	Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available.
Vulnerable software Subscribe	OpenManage Network Manager Client/Desktop applications / Other client software
Vendor	Dell

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improper authorization

EUVDB-ID: #VU15904

Risk: Low

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-15767

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: Yes

Description

The vulnerability allows a remote authenticated attacker to gain elevated privileges on the target system.

The weakness exists due to misconfiguration in the /etc/sudoers file. A remote attacker with ‘synergy’ account privileges can bypass authorization and run arbitrary commands with root privileges.

Mitigation

The vulnerability has been fixed in the versions 6.5.0, 6.5.3.

Vulnerable software versions

OpenManage Network Manager: before 6.5.3

External links

http://www.dell.com/support/article/ua/ru/uadhs1/sln314610/dell-openmanage-network-manager-security...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Security restrictions bypass

EUVDB-ID: #VU15905

Risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-15768

CWE-ID: CWE-16 - Configuration