Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Dell Subscribe
Filtered by product Idrac6 Monolithic
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1212 1 Dell 2 Idrac6 Modular, Idrac6 Monolithic 2019-10-09 9.0 HIGH 8.8 HIGH
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system.
CVE-2014-8272 2 Dell, Intel 4 Idrac6 Modular, Idrac6 Monolithic, Idrac7 and 1 more 2015-02-05 5.0 MEDIUM N/A
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.
CVE-2013-3589 1 Dell 4 Idrac6 Firmware, Idrac6 Monolithic, Idrac7 and 1 more 2013-09-25 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter.