Описание
iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.00.20.00 (исключая)
Одновременно
cpe:2.3:o:dell:integrated_dell_remote_access_controller_9_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:integrated_dell_remote_access_controller_9:-:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00549
Низкий
5.9 Medium
CVSS3
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-89
CWE-74
Связанные уязвимости
github
около 4 лет назад
iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to iDRAC.
EPSS
Процентиль: 67%
0.00549
Низкий
5.9 Medium
CVSS3
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-89
CWE-74