Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-26198

Опубликовано: 16 дек. 2020
Источник: nvd
CVSS3: 6.1
CVSS3: 6.1
CVSS2: 4.3
EPSS Низкий

Описание

Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerability in the iDRAC9 web application. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:dell:idrac9_firmware:*:*:*:*:*:*:*:*
Версия до 4.32.10.00 (включая)
cpe:2.3:o:dell:idrac9_firmware:4.40.00.00:*:*:*:*:*:*:*
cpe:2.3:h:dell:idrac9:-:*:*:*:*:*:*:*

EPSS

Процентиль: 53%
0.00301
Низкий

6.1 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79
CWE-79

Связанные уязвимости

github логотип

GHSA-4mxg-rfj6-76c7

github
больше 3 лет назад

Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerability in the iDRAC9 web application. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link.

EPSS

Процентиль: 53%
0.00301
Низкий

6.1 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79
CWE-79