Описание
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.75.100.75 (исключая)
cpe:2.3:o:dell:idrac8_firmware:*:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00818
Низкий
6.1 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-20
CWE-74
Связанные уязвимости
CVSS3: 6.1
github
около 3 лет назад
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.
EPSS
Процентиль: 73%
0.00818
Низкий
6.1 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-20
CWE-74