Security restrictions bypass in OpenManage Network Manager

#VU15905 Security restrictions bypass in OpenManage Network Manager

Published: 2021-06-17

Vulnerability identifier: #VU15905

Vulnerability risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-15768

CWE-ID: CWE-16

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
OpenManage Network Manager
Client/Desktop applications / Other client software

Vendor: Dell

Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.

The weakness exists due to insecure default configuration setting for the embedded MySQL database. A remote attacker with database access privileges can to bypass security restrictions and gain read/write access to files stored on the server filesystem.

Mitigation
The vulnerability has been fixed in the version 6.5.0.

Vulnerable software versions

OpenManage Network Manager: All versions

External links
http://www.dell.com/support/article/ua/ru/uadhs1/sln314610/dell-openmanage-network-manager-security...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell OpenManage Network Manager