CRITICAL🇬🇧 English

CVE-2019-3705

CVSS 9.8v3.1pub. 2019-04-26upd. 2024-11-21

Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to crash the webserver or execute arbitrary code on the system with privileges of the webserver by sending specially crafted input data to the affected system.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dell Idrac6 Firmware

    OS
    Dell
    < 2.92
  • Dell Idrac7 Firmware

    OS
    Dell
    < 2.61.60.60
  • Dell Idrac8 Firmware

    OS
    Dell
    < 2.61.60.60
  • Dell Idrac9 Firmware

    OS
    Dell
    < 3.20.21.20
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2021-21538CRITICAL9.6ten sam produkt

Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vul...

CVE-2020-5366HIGH7.1ten sam produkt

Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authenticated ma...

CVE-2020-5344HIGH7.0ten sam produkt

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based ...

CVE-2019-3707HIGH8.6ten sam produkt

Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. A remote attacker...

CVE-2019-3706HIGH8.6ten sam produkt

Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication ...