CVE-2018-15767

HIGH

Dell Openmanage Network Manager < 6.5.3 - Incorrect Authorization

Title source: rule

Description

The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by KoreLogic · pythonwebappslinux

https://www.exploit-db.com/exploits/45852

View Code ZIP pw:eip

References (3)

[Mitigation, Vendor Advisory] https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities

[Exploit, Mitigation, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/45852/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/105912

Scores

CVSS v3 8.8

EPSS 0.3665

EPSS Percentile 97.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-863

Status published

Products (1)

dell/openmanage_network_manager < 6.5.3

Published Nov 30, 2018

Tracked Since Feb 18, 2026