CVE-2021-21530
Published 2021-04-30
Priority P347 · high · 8.8 (CVSS 3.1)
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.92% (55.7th percentile)
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | openmanage_enterprise | >= unspecified < 1.30.00 | 1.30.00 |
| dell | openmanage_enterprise-modular | < 1.30.00 | 1.30.00 |
| fig2dev_project | fig2dev | >= 0 < 1:3.2.6a-6ubuntu1.1 | 1:3.2.6a-6ubuntu1.1 |
| fig2dev_project | fig2dev | >= 0 < 1:3.2.7a-7ubuntu0.1 | 1:3.2.7a-7ubuntu0.1 |
CVSS provenance
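| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| osv | | 5.5 | MEDIUM | |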
OSV
fig2dev vulnerabilities
osv·2023-02-13·CVSS 5.5
CVE-2019-14275 fig2dev vulnerabilities
Frederic Cambus discovered that Fig2dev incorrectly handled certain image
files. If a user or an automated system were tricked into opening a certain
specially crafted input file, a remote attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.
(CVE-2019-14275)
It was discovered that Fig2dev incorrectly handled certain image files. If
a user or an automated system were tricked into opening a certain specially
crafted input file, a remote attacker could possibly use this issue to cause
a denial of service. (CVE-2019-19555, CVE-2019-19797, CVE-2020-21529,
CVE-2020-21530, CVE-2020-21531, CVE-2020-21532, CVE-2020-21533,
CVE-2020-21534, CVE-2020-21535, CVE-2020-21675, CVE-2020-21676,
CVE-2021-3561)
It was discove
GHSA
GHSA-w2cq-9r8h-pfww: Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1
ghsa_unreviewed·2022-05-24
CVE-2021-21530 [HIGH] CWE-78 GHSA-w2cq-9r8h-pfww: Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2021-04-30