Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Dell iDRAC8 输入验证错误漏洞
Vulnerability Description
Dell iDRAC8是美国戴尔(Dell)公司的一个控制器。提供提供整个的PowerEdge系列服务器全面,嵌入式管理,自动化功能。 Dell iDRAC8 2.83.83.83版本及之前版本存在安全漏洞,该漏洞源于Racadm中输入验证不正确。攻击者利用该漏洞绕过固件锁定配置并执行固件更新。
CVSS Information
N/A
Vulnerability Type
N/A