Dell EMC iDRAC7/iDRAC8, versions before 2.60.60.60, and iDRAC9 versions before 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dell idrac9 firmware |
||
dell idrac7 firmware |
||
dell idrac8 firmware |