Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.
CPE | Name | Operator | Version |
---|---|---|---|
idrac7_firmware | lt | 2.65.65.65 | |
idrac8_firmware | lt | 2.70.70.70 | |
idrac9_firmware | lt | 3.36.36.36 |