Summary
Detail | |||
---|---|---|---|
Vendor | Dell | First view | 2018-03-23 |
Product | Emc idrac7 | Last view | 2018-03-23 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:dell:emc_idrac7:*:*:*:*:*:*:*:* | 2 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2018-03-23 | CVE-2018-1211 | Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings. |
9.8 | 2018-03-23 | CVE-2018-1207 | Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
50% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2018-04-20 | Name: The remote host is affected by multiple vulnerabilities. File: drac_2018_03_20.nasl - Type: ACT_GATHER_INFO |