Description
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Published: 2026-01-29
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Exposure
Action: Apply Patch
AI Analysis

Impact

Dell OpenManage Network Integration versions prior to 3.9 suffer an Improper Authentication flaw that allows a low‑privileged attacker with remote access to gain unauthorized credentials and read sensitive information. The vulnerability is limited to authentication bypass; it does not provide remote code execution or denial of service, but it does compromise confidentiality by exposing application data.

Affected Systems

The affected product is Dell OpenManage Network Integration. All installations running any version earlier than 3.9 are impacted. The specific product name appears as Dell OpenManage Network Integration, and the vendor is Dell.

Risk and Exploitability

The CVSS score of 4.3 indicates a low severity, and the EPSS score of less than 1% suggests a very low exploitation probability. The flaw can be leveraged by an attacker who obtains a low‑privileged account on the network or can reach the OpenManage server remotely, and can then bypass authentication to access privileged data. The vulnerability is not catalogued in KEV, and no public exploits have been reported, so the risk is moderate but still warrants patching before it is actively exploited.

Generated by OpenCVE AI on April 18, 2026 at 14:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Download and install the Dell OpenManage Network Integration update version 3.9 or later from Dell’s support site to address the authentication flaw.
  • If the update cannot be applied immediately, restrict network access to the OpenManage endpoints by configuring firewall rules or network segmentation to prevent remote low‑privileged connections until the patch is installed.
  • Perform an authentication test against the OpenManage service to confirm that the authentication bypass is no longer possible.

Generated by OpenCVE AI on April 18, 2026 at 14:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Title Improper Authentication Allows Information Exposure in Dell OpenManage Network Integration

Fri, 13 Feb 2026 20:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:dell:openmanage_network_integration:*:*:*:*:*:*:*:*

Fri, 30 Jan 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell openmanage Network Integration
Vendors & Products Dell
Dell openmanage Network Integration

Thu, 29 Jan 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 29 Jan 2026 11:00:00 +0000

Type Values Removed Values Added
Description Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Weaknesses CWE-287
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

Dell Openmanage Network Integration
cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-01-29T15:38:13.946Z

Reserved: 2026-01-09T18:05:08.764Z

Link: CVE-2026-22764

cve-icon Vulnrichment

Updated: 2026-01-29T15:35:52.390Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-29T11:15:53.250

Modified: 2026-02-13T20:37:26.193

Link: CVE-2026-22764

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T14:45:03Z

Weaknesses