This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Dell | First view | 2018-03-23 |
| Product | Emc idrac7 | Last view | 2018-03-23 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:dell:emc_idrac7:*:*:*:*:*:*:*:* | 2 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2018-03-23 | CVE-2018-1211 | Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings. |
| 9.8 | 2018-03-23 | CVE-2018-1207 | Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 50% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-04-20 | Name: The remote host is affected by multiple vulnerabilities. File: drac_2018_03_20.nasl - Type: ACT_GATHER_INFO |
