Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
iDRAC7/iDRAC8/iDRAC9 - Privilege Escalation Vulnerability
Vulnerability Description
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dell EMC iDRAC7、iDRAC8和iDRAC9 权限许可和访问控制漏洞
Vulnerability Description
Dell EMC iDRAC7、iDRAC8和iDRAC9都是美国戴尔(Dell)公司的包含硬件和软件的系统管理解决方案。该方案为Dell PowerEdge系统提供远程管理、崩溃系统恢复和电源控制等功能。 Dell EMC iDRAC7、iDRAC8和iDRAC9中的Redfish接口存在提权漏洞。攻击者可利用该漏洞获取管理员访问权限。以下产品和版本受到影响:Dell EMC iDRAC7 2.61.60.60之前版本;iDRAC8 2.61.60.60之前版本;iDRAC9 3.20.21.20之前版
CVSS Information
N/A
Vulnerability Type
N/A