Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell iDRAC 6 BMC实现安全漏洞
Vulnerability Description
Dell Integrated Remote Access Controller(iDRAC)6是美国戴尔(Dell)公司的一套包含硬件和软件的系统管理解决方案。该方案为Dell PowerEdge系统提供远程管理、崩溃系统恢复和电源控制等功能。 Dell iDRAC6 BMC实现中存在漏洞。远程攻击者可通过使用加密套件0(cipher suite 0又名cipher zero)和任意的密码,利用该漏洞绕过身份认证,执行任意IPMI命令。
CVSS Information
N/A
Vulnerability Type
N/A