HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-25943

CVSS 7.6v3.1pub. 2024-06-29upd. 2025-02-03

iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI. A remote attacker could potentially exploit this vulnerability, leading to arbitrary code execution on the vulnerable application.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  • Dell Idrac9

    APP
    Dell
    < 7.00.00.172< 7.10.50.00
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2022-24422CRITICAL9.6ten sam produkt

Dell iDRAC9 versions 5.00.00.00 and later but prior to 5.10.10.00, contain an improper authentication vulnerab...

CVE-2020-5366HIGH7.1ten sam produkt

Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authenticated ma...

CVE-2020-5344HIGH7.0ten sam produkt

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based ...

CVE-2025-22397MEDIUM6.7ten sam produkt

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10....

CVE-2020-26198MEDIUM6.1ten sam produkt

Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerabi...