Описание
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.
Комментарий
Ссылки
- Exploit
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Exploit
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 3.60 (включая)
cpe:2.3:a:dell:idrac6_modular:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.56.55 (включая)
cpe:2.3:a:dell:idrac7:*:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:intel:ipmi:1.5:*:*:*:*:*:*:*
Конфигурация 4Версия до 1.97 (включая)
cpe:2.3:a:dell:idrac6_monolithic:*:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.53427
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.
EPSS
Процентиль: 98%
0.53427
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other