Unrated severityNVD Advisory· Published Jul 2, 2018· Updated Sep 16, 2024

iDRAC7/iDRAC8/iDrac9 contains a command injection vulnerability in the SNMP agent.

CVE-2018-1244

Description

Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled.

Affected products

Dell Emc/Idrac7v5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

en.community.dell.com/techcenter/extras/m/white_papers/20487494mitrex_refsource_CONFIRM
www.securityfocus.com/bid/104964mitrevdb-entryx_refsource_BID

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000