Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for OpenManage Network Manager by Dell
VAR-201811-0036
Vulnerability from variot - Updated: 2023-12-18 12:00Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database. Dell OpenManage Network Manager Contains an access control vulnerability.Information may be obtained. Remote attackers can exploit this issue to gain elevated privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0036",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openmanage network manager",
"scope": "lt",
"trust": 1.8,
"vendor": "dell",
"version": "6.5.0"
},
{
"model": "openmanage network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "6.0"
},
{
"model": "openmanage network manager",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "6.5"
}
],
"sources": [
{
"db": "BID",
"id": "105914"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "NVD",
"id": "CVE-2018-15768"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:openmanage_network_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15768"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Bergin (@thatguylevel) of KoreLogic, Inc.",
"sources": [
{
"db": "BID",
"id": "105914"
}
],
"trust": 0.3
},
"cve": "CVE-2018-15768",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-15768",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-126060",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-15768",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-15768",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-125",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-126060",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126060"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database. Dell OpenManage Network Manager Contains an access control vulnerability.Information may be obtained. \nRemote attackers can exploit this issue to gain elevated privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "BID",
"id": "105914"
},
{
"db": "VULHUB",
"id": "VHN-126060"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-126060",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126060"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-15768",
"trust": 2.8
},
{
"db": "BID",
"id": "105914",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "45852",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-125",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-126060",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126060"
},
{
"db": "BID",
"id": "105914"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"id": "VAR-201811-0036",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126060"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:00:58.651000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Dell OpenManage Network Manager Security Vulnerabilities",
"trust": 0.8,
"url": "https://www.dell.com/support/article/jp/ja/jpdhs1/sln314610/dell-openmanage-network-manager-security-vulnerabilities?lang=en"
},
{
"title": "Dell OpenManage Network Manager Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86632"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126060"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "NVD",
"id": "CVE-2018-15768"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/105914"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"trust": 1.7,
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15768"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15768"
},
{
"trust": 0.3,
"url": "https://support.software.dell.com/sonicwall-netextender/windows"
},
{
"trust": 0.3,
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities?lang=en"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126060"
},
{
"db": "BID",
"id": "105914"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126060"
},
{
"db": "BID",
"id": "105914"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-126060"
},
{
"date": "2018-11-14T00:00:00",
"db": "BID",
"id": "105914"
},
{
"date": "2019-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"date": "2018-11-30T17:29:00.363000",
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"date": "2018-11-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-126060"
},
{
"date": "2018-11-14T00:00:00",
"db": "BID",
"id": "105914"
},
{
"date": "2019-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012239"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2018-15768"
},
{
"date": "2020-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell OpenManage Network Manager Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012239"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-125"
}
],
"trust": 0.6
}
}
VAR-201811-0035
Vulnerability from variot - Updated: 2023-12-18 12:00The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file. Dell OpenManage Network Manager is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openmanage network manager",
"scope": "lt",
"trust": 1.8,
"vendor": "dell",
"version": "6.5.3"
},
{
"model": "openmanage network manager",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "6.5"
},
{
"model": "openmanage network manager",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "6.5.3"
}
],
"sources": [
{
"db": "BID",
"id": "105912"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "NVD",
"id": "CVE-2018-15767"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:openmanage_network_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15767"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Matt Bergin (@thatguylevel) of KoreLogic, Inc.",
"sources": [
{
"db": "BID",
"id": "105912"
}
],
"trust": 0.3
},
"cve": "CVE-2018-15767",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-15767",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-126059",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-15767",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-15767",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-124",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-126059",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126059"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file. Dell OpenManage Network Manager is prone to an authorization-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "BID",
"id": "105912"
},
{
"db": "VULHUB",
"id": "VHN-126059"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-126059",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126059"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "105912",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2018-15767",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "45852",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-124",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "150204",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-126059",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126059"
},
{
"db": "BID",
"id": "105912"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"id": "VAR-201811-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126059"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:00:58.620000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Dell OpenManage Network Manager Security Vulnerabilities",
"trust": 0.8,
"url": "https://www.dell.com/support/article/jp/ja/jpdhs1/sln314610/dell-openmanage-network-manager-security-vulnerabilities?lang=en"
},
{
"title": "Dell OpenManage Network Manager Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86631"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.1
},
{
"problemtype": "CWE-285",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126059"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "NVD",
"id": "CVE-2018-15767"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/105912"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"trust": 1.7,
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15767"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15767"
},
{
"trust": 0.3,
"url": "http://dell.com"
},
{
"trust": 0.3,
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities?lang=en"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126059"
},
{
"db": "BID",
"id": "105912"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126059"
},
{
"db": "BID",
"id": "105912"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-30T00:00:00",
"db": "VULHUB",
"id": "VHN-126059"
},
{
"date": "2018-11-14T00:00:00",
"db": "BID",
"id": "105912"
},
{
"date": "2019-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"date": "2018-11-30T17:29:00.317000",
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"date": "2018-11-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-126059"
},
{
"date": "2018-11-14T00:00:00",
"db": "BID",
"id": "105912"
},
{
"date": "2019-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012240"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-15767"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell OpenManage Network Manager Authorization vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-124"
}
],
"trust": 0.6
}
}
CVE-2018-15768 (GCVE-0-2018-15768)
Vulnerability from cvelistv5 – Published: 2018-11-30 17:00 – Updated: 2024-09-17 03:59
VLAI
Title
Insecure MySQL Configuration Vulnerability
Summary
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
Severity
No CVSS data available.
CWE
- Insecure MySQL Configuration Vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105914 | vdb-entryx_refsource_BID |
| https://www.dell.com/support/article/us/en/04/sln… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/45852/ | exploitx_refsource_EXPLOIT-DB |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | OpenManage Network Manager |
Affected:
unspecified , < 6.5.0
(custom)
|
Date Public
2018-11-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:01:54.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105914"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45852/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenManage Network Manager",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure MySQL Configuration Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-01T10:57:01.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "105914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105914"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45852/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure MySQL Configuration Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-11-02T05:00:00.000Z",
"ID": "CVE-2018-15768",
"STATE": "PUBLIC",
"TITLE": "Insecure MySQL Configuration Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenManage Network Manager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.5.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure MySQL Configuration Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105914"
},
{
"name": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45852/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-15768",
"datePublished": "2018-11-30T17:00:00.000Z",
"dateReserved": "2018-08-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:59:31.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15767 (GCVE-0-2018-15767)
Vulnerability from cvelistv5 – Published: 2018-11-30 17:00 – Updated: 2024-09-17 03:53
VLAI
Title
Improper Authorization Vulnerability
Summary
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
Severity
No CVSS data available.
CWE
- Improper Authorization Vulnerability.
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.dell.com/support/article/us/en/04/sln… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/45852/ | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/105912 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | OpenManage Network Manager |
Affected:
unspecified , < 6.5.3
(custom)
Affected: unspecified , < 6.5.0 (custom) |
Date Public
2018-11-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:01:54.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"name": "105912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenManage Network Manager",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.5.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "6.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authorization Vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-01T10:57:01.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"name": "105912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105912"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Authorization Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-11-02T05:00:00.000Z",
"ID": "CVE-2018-15767",
"STATE": "PUBLIC",
"TITLE": "Improper Authorization Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenManage Network Manager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.5.3"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.5.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization Vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"name": "105912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105912"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-15767",
"datePublished": "2018-11-30T17:00:00.000Z",
"dateReserved": "2018-08-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:53:45.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15768 (GCVE-0-2018-15768)
Vulnerability from nvd – Published: 2018-11-30 17:00 – Updated: 2024-09-17 03:59
VLAI
Title
Insecure MySQL Configuration Vulnerability
Summary
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
Severity
No CVSS data available.
CWE
- Insecure MySQL Configuration Vulnerability
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105914 | vdb-entryx_refsource_BID |
| https://www.dell.com/support/article/us/en/04/sln… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/45852/ | exploitx_refsource_EXPLOIT-DB |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | OpenManage Network Manager |
Affected:
unspecified , < 6.5.0
(custom)
|
Date Public
2018-11-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:01:54.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105914"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45852/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenManage Network Manager",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure MySQL Configuration Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-01T10:57:01.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "105914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105914"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45852/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure MySQL Configuration Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-11-02T05:00:00.000Z",
"ID": "CVE-2018-15768",
"STATE": "PUBLIC",
"TITLE": "Insecure MySQL Configuration Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenManage Network Manager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.5.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure MySQL Configuration Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105914"
},
{
"name": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45852/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-15768",
"datePublished": "2018-11-30T17:00:00.000Z",
"dateReserved": "2018-08-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:59:31.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-15767 (GCVE-0-2018-15767)
Vulnerability from nvd – Published: 2018-11-30 17:00 – Updated: 2024-09-17 03:53
VLAI
Title
Improper Authorization Vulnerability
Summary
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
Severity
No CVSS data available.
CWE
- Improper Authorization Vulnerability.
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.dell.com/support/article/us/en/04/sln… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/45852/ | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/105912 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | OpenManage Network Manager |
Affected:
unspecified , < 6.5.3
(custom)
Affected: unspecified , < 6.5.0 (custom) |
Date Public
2018-11-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:01:54.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"name": "105912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenManage Network Manager",
"vendor": "Dell",
"versions": [
{
"lessThan": "6.5.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "6.5.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-11-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authorization Vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-01T10:57:01.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"name": "105912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105912"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Authorization Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-11-02T05:00:00.000Z",
"ID": "CVE-2018-15767",
"STATE": "PUBLIC",
"TITLE": "Improper Authorization Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenManage Network Manager",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.5.3"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "6.5.0"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization Vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities",
"refsource": "MISC",
"url": "https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities"
},
{
"name": "45852",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45852/"
},
{
"name": "105912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105912"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-15767",
"datePublished": "2018-11-30T17:00:00.000Z",
"dateReserved": "2018-08-23T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:53:45.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}