CVE-2024-25943
7.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
Summary
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI. A remote attacker could potentially exploit this vulnerability, leading to arbitrary code execution on the vulnerable application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dell | Integrated Dell Remote Access Controller 9 | N/A < 7.00.00.172 | affected |
| Dell | Integrated Dell Remote Access Controller 9 | N/A < 7.10.50.00 | affected |
Weaknesses
- CWE-330: CWE-330: Use of Insufficiently Random Values
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.