VYPR

Idrac6 Monolithic

by Dell

CVEs (3)

  • CVE-2018-1212HigJul 2, 2018
    risk 0.58cvss 8.8epss 0.04

    The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this…

  • CVE-2014-8272Dec 19, 2014
    risk 0.05cvss epss 0.21

    The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

  • CVE-2013-3589Sep 24, 2013
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the…