Vulnerabilities > Dell > Idrac8 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2022-34436 Improper Input Validation vulnerability in Dell Idrac8 Firmware
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set.
network
low complexity
dell CWE-20
4.9
4.9
2021-03-08 CVE-2021-21510 Injection vulnerability in Dell Idrac8 Firmware
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability.
network
low complexity
dell CWE-74
6.1
6.1
2020-03-31 CVE-2020-5344 Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability.
network
low complexity
dell CWE-787
critical
 9.8
9.8
2019-11-07 CVE-2019-3764 Unspecified vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware
Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability.
network
low complexity
dell
4.3
4.3
2019-04-26 CVE-2019-3705 Out-of-bounds Write vulnerability in Dell products
Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability.
network
low complexity
dell CWE-787
critical
 9.8
9.8
2018-12-13 CVE-2018-15776 Unspecified vulnerability in Dell Idrac7 Firmware and Idrac8 Firmware
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability.
low complexity
dell
6.8
6.8
2018-12-13 CVE-2018-15774 Incorrect Authorization vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability.
network
low complexity
dell CWE-863
8.8
8.8
2018-07-02 CVE-2018-1244 Command Injection vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware
Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent.
network
low complexity
dell CWE-77
8.8
8.8
2018-07-02 CVE-2018-1243 Improperly Implemented Security Check for Standard vulnerability in Dell products
Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability.
network
low complexity
dell CWE-358
7.5
7.5
2016-11-29 CVE-2016-5685 Injection vulnerability in Dell Idrac7 Firmware and Idrac8 Firmware
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
network
low complexity
dell CWE-74
8.8
8.8