← back
CVE-2024-25944

CVE-2024-25944

CVSS 5.7 MEDIUMEPSS 0.8%CWE-23
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.7EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
29 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Dell OpenManage Enterprise, v4.0 and prior, contain(s) a path traversal vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, to gain unauthorized access to the files stored on the server filesystem, with the privileges of the running web application.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
Dell · Dell OpenManage Enterprise

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.dell.com/support/kbdoc/en-us/000223623/dsa-2024-100-security-update-for-dell-openmanage-enterprise-path-traversal-sensitive-data-disclosure-vulnerability