Dell

Idrac7 Firmware

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2020-5344

  • EPSS 4.12%
  • Veröffentlicht 31.03.2020 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:33:57

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute ar...

4.3

CVE-2019-3764

  • EPSS 0.24%
  • Veröffentlicht 07.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:42:29

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially...

10

CVE-2019-3705

  • EPSS 3.77%
  • Veröffentlicht 26.04.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:22

Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker...

8.8

CVE-2018-15774

  • EPSS 0.3%
  • Veröffentlicht 13.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:26

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could pot...

6.8

CVE-2018-15776

  • EPSS 0.72%
  • Veröffentlicht 13.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:26

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to get access to the u-boot shell.

7.5

CVE-2018-1243

  • EPSS 0.62%
  • Veröffentlicht 02.07.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:27

Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID value...

8.8

CVE-2018-1244

  • EPSS 1.41%
  • Veröffentlicht 02.07.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:27

Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exp...

9

CVE-2016-5685

  • EPSS 0.61%
  • Veröffentlicht 29.11.2016 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.

4.3

CVE-2013-3589

  • EPSS 1.04%
  • Veröffentlicht 24.09.2013 10:35:51
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web...