CVE-2021-21530: OS Command Injection
First published: Mon Apr 12 2021(Updated: )
Dell OpenManage Enterprise-Modular (OME-M) versions prior to 1.30.00 contain a security bypass vulnerability. An authenticated malicious user with low privileges may potentially exploit the vulnerability to escape from the restricted environment and gain access to sensitive information in the system, resulting in information disclosure and elevation of privilege.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell OpenManage | <1.30.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-21530?
CVE-2021-21530 is classified as a high severity vulnerability due to its potential for an authenticated user to gain access to sensitive information.
How do I fix CVE-2021-21530?
To remediate CVE-2021-21530, update Dell OpenManage Enterprise-Modular to version 1.30.00 or later.
Who is affected by CVE-2021-21530?
CVE-2021-21530 affects authenticated users of Dell OpenManage Enterprise-Modular versions prior to 1.30.00.
What type of vulnerability is CVE-2021-21530?
CVE-2021-21530 is a security bypass vulnerability that allows low-privileged users to escape a restricted environment.
What are the potential implications of CVE-2021-21530?
Exploiting CVE-2021-21530 could allow an attacker to access sensitive information in the system, compromising data security.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/remedy
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dell
- canonical/dell openmanage