VYPR

Idrac7

by EMC Corporation

CVEs (2)

  • CVE-2018-1244HigJul 2, 2018
    risk 0.57cvss 8.8epss 0.03

    Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to…

  • CVE-2018-1243HigJul 2, 2018
    risk 0.49cvss 7.5epss 0.02

    Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID values, which makes it easier for…