Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database. A malicious OpenManage Network Manager user with database access privileges could potentially exploit this vulnerability to access files stored on the server filesystem. |