Skip to main content

Idrac6 Monolithic

3 CVEs product

Monthly

CVE-2018-1212 HIGH This Week

The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Idrac6 Modular Idrac6 Monolithic
NVD
CVSS 3.0
8.8
EPSS
4.3%
CVE-2014-8272 MEDIUM POC THREAT This Month

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 59.6%.

Information Disclosure Dell Idrac6 Modular Idrac7 Ipmi +1
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
59.6%
Threat
4.3
CVE-2013-3589 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Dell XSS Idrac6 Firmware Idrac6 Monolithic Idrac7 Firmware +1
NVD
CVSS 2.0
4.3
EPSS
1.0%
EPSS 4% CVSS 8.8
HIGH This Week

The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Idrac6 Modular +1
NVD
EPSS 60% 4.3 CVSS 5.0
MEDIUM POC THREAT This Month

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 59.6%.

Information Disclosure Dell Idrac6 Modular +3
NVD Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Dell XSS Idrac6 Firmware +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy