Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Idrac7_firmware | Dell | * | 2.65.65.65 (excluding) |
Idrac8_firmware | Dell | * | 2.70.70.70 (excluding) |
Idrac9_firmware | Dell | * | 3.36.36.36 (excluding) |