Vulnerabilities > Dell > Idrac9 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-31 | CVE-2020-5344 | Out-of-bounds Write vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. | 9.8 |
| 2019-11-07 | CVE-2019-3764 | Unspecified vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. | 4.3 |
| 2019-04-26 | CVE-2019-3707 | Unspecified vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. | 9.8 |
| 2019-04-26 | CVE-2019-3706 | Unspecified vulnerability in Dell Idrac9 Firmware 3.20.21.20/3.21.24.22/3.23.23.23 Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. | 9.8 |
| 2019-04-26 | CVE-2019-3705 | Out-of-bounds Write vulnerability in Dell products Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. | 9.8 |
| 2018-12-13 | CVE-2018-15774 | Incorrect Authorization vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. | 8.8 |
| 2018-07-02 | CVE-2018-1249 | Unspecified vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. | 5.9 |
| 2018-07-02 | CVE-2018-1244 | Command Injection vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. | 8.8 |
| 2018-07-02 | CVE-2018-1243 | Improperly Implemented Security Check for Standard vulnerability in Dell products Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. | 7.5 |