CVE-2018-15767

Improper Authorization Vulnerability

EPSS 12.3%

In short

Dell OpenManage Network Manager versions before 6.5.3 have a security misconfiguration that allows users to perform actions they shouldn't be able to perform due to incorrect permission settings in the system file that controls administrative privileges.

Technical detail

An improper authorization vulnerability exists in Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 due to misconfiguration in the /etc/sudoers file, allowing local users to escalate privileges and execute commands with elevated permissions beyond their intended authorization level.

Summary generated and translated by AI from the official description.

The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.

Affected products

Dell · OpenManage Network Manager

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/45852/unverified exploitdbwww.exploit-db.com/exploits/45852unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/article/us/en/04/sln314610/dell-openmanage-network-manager-security-vulnerabilities https://www.exploit-db.com/exploits/45852/http://www.securityfocus.com/bid/105912