CVE-2018-1211

Summary

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings.

Affected Software

VendorProductVersion RangeStatus
Dell EMCiDRAC7/iDRAC8versions prior to 2.52.52.52affected

Weaknesses

  • path traversal vulnerability

ADP Enrichment

CVE Program Container

Additional References

References