7.9
CVE-2024-0172
- EPSS 0.06%
- Published 03.04.2024 10:15:08
- Last modified 04.02.2025 17:34:14
- Source security_alert@emc.com
- Teams watchlist Login
- Open Login
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.
Data is provided by the National Vulnerability Database (NVD)
Dell ≫ Poweredge R660 Firmware Version < 1.5.6
Dell ≫ Poweredge R760 Firmware Version < 1.5.6
Dell ≫ Poweredge C6620 Firmware Version < 1.5.6
Dell ≫ Poweredge Mx760c Firmware Version < 1.5.6
Dell ≫ Poweredge R860 Firmware Version < 1.5.6
Dell ≫ Poweredge R960 Firmware Version < 1.5.6
Dell ≫ Poweredge Hs5610 Firmware Version < 1.5.6
Dell ≫ Poweredge Hs5620 Firmware Version < 1.5.6
Dell ≫ Poweredge R660xs Firmware Version < 1.5.6
Dell ≫ Poweredge R760xs Firmware Version < 1.5.6
Dell ≫ Poweredge R760xd2 Firmware Version < 1.5.6
Dell ≫ Poweredge T560 Firmware Version < 1.5.6
Dell ≫ Poweredge R760xa Firmware Version < 1.1.3
Dell ≫ Poweredge Xe9680 Firmware Version < 1.1.3
Dell ≫ Poweredge Xr5610 Firmware Version < 1.1.4
Dell ≫ Poweredge Xr8610t Firmware Version < 1.1.3
Dell ≫ Poweredge Xr8620t Firmware Version < 1.1.3
Dell ≫ Poweredge Xr7620 Firmware Version < 1.5.6
Dell ≫ Poweredge Xe8640 Firmware Version < 1.2.5
Dell ≫ Poweredge Xe9640 Firmware Version < 1.3.6
Dell ≫ Poweredge R6615 Firmware Version < 1.4.6
Dell ≫ Poweredge R7615 Firmware Version < 1.4.6
Dell ≫ Poweredge R6625 Firmware Version < 1.4.6
Dell ≫ Poweredge R7625 Firmware Version < 1.4.6
Dell ≫ Poweredge R650 Firmware Version < 1.11.2
Dell ≫ Poweredge R750 Firmware Version < 1.11.2
Dell ≫ Poweredge R750xa Firmware Version < 1.11.2
Dell ≫ Poweredge C6520 Firmware Version < 1.11.2
Dell ≫ Poweredge Mx750c Firmware Version < 1.11.2
Dell ≫ Poweredge R550 Firmware Version < 1.11.2
Dell ≫ Poweredge R450 Firmware Version < 1.11.2
Dell ≫ Poweredge R650xs Firmware Version < 1.11.2
Dell ≫ Poweredge R750xs Firmware Version < 1.11.2
Dell ≫ Poweredge T550 Firmware Version < 1.11.2
Dell ≫ Poweredge Xr11 Firmware Version < 1.11.2
Dell ≫ Poweredge Xr12 Firmware Version < 1.11.2
Dell ≫ Poweredge T150 Firmware Version < 1.7.3
Dell ≫ Poweredge T350 Firmware Version < 1.7.3
Dell ≫ Poweredge R250 Firmware Version < 1.7.3
Dell ≫ Poweredge R350 Firmware Version < 1.7.3
Dell ≫ Poweredge Xr4510c Firmware Version < 1.12.1
Dell ≫ Poweredge Xr4520c Firmware Version < 1.12.1
Dell ≫ Poweredge R6515 Firmware Version < 2.12.4
Dell ≫ Poweredge R6525 Firmware Version < 2.12.4
Dell ≫ Poweredge R7515 Firmware Version < 2.12.4
Dell ≫ Poweredge R7525 Firmware Version < 2.12.4
Dell ≫ Poweredge C6525 Firmware Version < 2.12.4
Dell ≫ Poweredge Xe8545 Firmware Version < 2.12.4
Dell ≫ Poweredge R740 Firmware Version < 2.19.1
Dell ≫ Poweredge R740xd Firmware Version < 2.19.1
Dell ≫ Poweredge R640 Firmware Version < 2.19.1
Dell ≫ Poweredge R940 Firmware Version < 2.19.1
Dell ≫ Poweredge R540 Firmware Version < 2.19.1
Dell ≫ Poweredge R440 Firmware Version < 2.19.1
Dell ≫ Poweredge T440 Firmware Version < 2.19.1
Dell ≫ Poweredge Xr2 Firmware Version < 2.19.1
Dell ≫ Poweredge R740xd2 Firmware Version < 2.19.1
Dell ≫ Poweredge R840 Firmware Version < 2.19.1
Dell ≫ Poweredge R940xa Firmware Version < 2.19.1
Dell ≫ Poweredge T640 Firmware Version < 2.19.1
Dell ≫ Poweredge C6420 Firmware Version < 2.19.1
Dell ≫ Poweredge Fc640 Firmware Version < 2.19.1
Dell ≫ Poweredge M640 Firmware Version < 2.19.1
Dell ≫ Poweredge M640 (pe Vrtx) Firmware Version < 2.19.1
Dell ≫ Poweredge Mx740c Firmware Version < 2.19.1
Dell ≫ Poweredge Mx840c Firmware Version < 2.19.1
Dell ≫ Poweredge C4140 Firmware Version < 2.19.1
Dell ≫ Dss 8440 Firmware Version < 2.19.0
Dell ≫ Poweredge Xe2420 Firmware Version < 2.19.0
Dell ≫ Poweredge Xe7420 Firmware Version < 2.19.0
Dell ≫ Poweredge Xe7440 Firmware Version < 2.19.0
Dell ≫ Poweredge T140 Firmware Version < 2.14.1
Dell ≫ Poweredge T340 Firmware Version < 2.14.1
Dell ≫ Poweredge R240 Firmware Version < 2.14.1
Dell ≫ Poweredge R340 Firmware Version < 2.14.1
Dell ≫ Poweredge R6415 Firmware Version < 1.20.0
Dell ≫ Poweredge R7415 Firmware Version < 1.20.0
Dell ≫ Poweredge R7425 Firmware Version < 1.20.0
Dell ≫ Emc Storage Nx3240 Firmware Version < 2.19.1
Dell ≫ Emc Storage Nx3340 Firmware Version < 2.19.1
Dell ≫ Nx440 Firmware Version < 2.14.1
Dell ≫ Emc Xc Core Xc450 Firmware Version < 1.11.2
Dell ≫ Emc Xc Core Xc650 Firmware Version < 1.11.2
Dell ≫ Emc Xc Core Xc750 Firmware Version < 1.11.2
Dell ≫ Emc Xc Core Xc750xa Firmware Version < 1.11.2
Dell ≫ Emc Xc Core Xc6520 Firmware Version < 1.11.2
Dell ≫ Emc Xc Core 6420 System Firmware Version < 2.19.1
Dell ≫ Emc Xc Core Xc640 System Firmware Version < 2.19.1
Dell ≫ Emc Xc Core Xc740xd System Firmware Version < 2.19.1
Dell ≫ Emc Xc Core Xc740xd2 Firmware Version < 2.19.1
Dell ≫ Emc Xc Core Xc940 System Firmware Version < 2.19.1
Dell ≫ Emc Xc Core Xcxr2 Firmware Version < 2.19.1
Dell ≫ Emc Xc Core Xc7525 Firmware Version < 2.12.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.174 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security_alert@emc.com | 7.9 | 2.5 | 4.7 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.