Web Interface Authentication Bypass Vulnerability
Description
Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell EMC iDRAC9 web interface authentication bypass allows remote attackers to bypass authentication and gain system access via specially crafted data.
Vulnerability
Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22, and 3.21.25.22 contain an authentication bypass vulnerability in the web interface. [1] A remote attacker can send specially crafted data to the iDRAC web interface to bypass authentication and gain access to the system. [1]
Exploitation
An unauthenticated remote attacker with network access to the iDRAC web interface can exploit this vulnerability by sending specially crafted input data to the affected system. No prior authentication or user interaction is required; the attack complexity is low according to the CVSSv3 vector (AC:L). [1]
Impact
Successful exploitation allows a remote attacker to bypass authentication and gain access to the iDRAC9 system. The CVSSv3 Base Score is 8.6 (High) with impacts to confidentiality (low), integrity (low), and availability (high). [1] The attacker can potentially compromise the management interface, leading to full system compromise of the managed server.
Mitigation
Dell Technologies released firmware updates to address this vulnerability. Affected users should upgrade to iDRAC9 version 3.24.24.24, 3.21.26.22, 3.22.22.22, or 3.21.25.22, or later. [1] No known workarounds are documented; updating to a fixed version is the recommended mitigation. This CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
Patches (0)
No patches discovered yet.
References (1)