CVE-2024-28961

HIGH Year: 2024
CVSS v3 Score
7.8
High
Weakness Type
CWE-256
View all →

Vulnerability Description

Dell OpenManage Enterprise, versions 4.0.0 and 4.0.1, contains a sensitive information disclosure vulnerability. A local low privileged malicious user could potentially exploit this vulnerability to obtain credentials leading to unauthorized access with elevated privileges. This could lead to further attacks, thus Dell recommends customers to upgrade at the earliest opportunity.

Related Vulnerabilities

CVE-2021-3787

HIGH
CVSS:7.8(High)

A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to ...

CWE-2562021

CVE-2022-22557

HIGH
CVSS:7.8(High)

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vuln...

CWE-2562022

CVE-2024-43378

HIGH
CVSS:7.8(High)

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning t...

CWE-2562024

CVE-2017-6049

HIGH
CVSS:7.5(High)

Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL.

CWE-2562017

CVE-2019-10921

HIGH
CVSS:7.5(High)

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp t...

CWE-2562019

CVE-2019-6518

HIGH
CVSS:7.5(High)

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device.

CWE-2562019