CVE-2019-3706
8.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Summary
Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell EMC | iDRAC | 3.24.24.24 < 3.24.24.24 | affected |
| Dell EMC | iDRAC | 3.21.26.22 < 3.21.26.22 | affected |
| Dell EMC | iDRAC | 3.22.22.22 < 3.22.22.22 | affected |
| Dell EMC | iDRAC | 3.21.25.22 < 3.21.25.22 | affected |
Weaknesses
- Web Interface Authentication Bypass Vulnerability
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.