First published: Mon Jul 02 2018(Updated: )
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell iDRAC6 modular | ||
Dell iDRAC6 monolithic | <2.91 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.