Vulnerabilities > Dell > Idrac6 Firmware > 1.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-26 | CVE-2019-3705 | Out-of-bounds Write vulnerability in Dell products Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. | 10.0 |
2018-07-02 | CVE-2018-1243 | Improperly Implemented Security Check for Standard vulnerability in Dell products Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. | 5.0 |
2013-09-24 | CVE-2013-3589 | Cross-Site Scripting vulnerability in Dell products Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46.45 allows remote attackers to inject arbitrary web script or HTML via the ErrorMsg parameter. | 4.3 |
2013-07-08 | CVE-2013-4785 | Unspecified vulnerability in Dell Idrac6 Firmware 1.7 The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. | 10.0 |