CVE-2014-8272

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 19/12/14 - Updated on 05/02/15

Description

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2014-8272

Exploits

Exploit-DBEDB-35770

Relative technologies

VendorProduct
dellidrac6_modular
dellidrac6_monolithic
dellidrac7
intelipmi

Share this vulnerability with:

Twitter Facebook LinkedIn Mail