CVE-2018-15774

2018-12-13T22:29:00
ID CVE-2018-15774
Type cve
Reporter secure@dell.com
Modified 2019-10-09T23:35:00

Description

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access.