Dell

Idrac8 Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2022-34436

  • EPSS 0.04%
  • Veröffentlicht 18.01.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 07:09:33

Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-do...

6.1

CVE-2021-21510

  • EPSS 0.81%
  • Veröffentlicht 08.03.2021 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:48:30

Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirec...

10

CVE-2020-5344

  • EPSS 4.12%
  • Veröffentlicht 31.03.2020 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:33:57

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute ar...

4.3

CVE-2019-3764

  • EPSS 0.24%
  • Veröffentlicht 07.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:42:29

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially...

10

CVE-2019-3705

  • EPSS 3.77%
  • Veröffentlicht 26.04.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:22

Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker...

8.8

CVE-2018-15774

  • EPSS 0.3%
  • Veröffentlicht 13.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:26

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could pot...

6.8

CVE-2018-15776

  • EPSS 0.72%
  • Veröffentlicht 13.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:26

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to get access to the u-boot shell.

7.5

CVE-2018-1243

  • EPSS 0.62%
  • Veröffentlicht 02.07.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:27

Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID value...

8.8

CVE-2018-1244

  • EPSS 1.41%
  • Veröffentlicht 02.07.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:27

Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exp...

9

CVE-2016-5685

  • EPSS 0.61%
  • Veröffentlicht 29.11.2016 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.