Dell OpenManage Network Manager MySQL vulnerability

Added: 11/20/2018
BID: 105912

Background

Dell OpenManage Network Manager is a product for monitoring and managing network devices.

Problem

Dell OpenManage Network Manager runs the MySQL database service with root privileges and enables default database accounts, allowing a remote attacker to write arbitrary files, leading to arbitrary command execution.

Resolution

Upgrade to Dell OpenManage Network Manager 6.5.3 or higher.

References

https://korelogic.com/Resources/Advisories/KL-001-2018-009.txt

Back to exploit index