Search criteria
6 vulnerabilities found for ipmi by intel
CVE-2024-3411 (GCVE-0-2024-3411)
Vulnerability from cvelistv5 – Published: 2024-04-30 18:39 – Updated: 2025-11-04 17:20
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:intel:*:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "*",
"vendor": "intel",
"versions": [
{
"status": "affected",
"version": "IPMI 2.0, revision 1.1E7"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-3411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T15:09:39.893298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T21:17:11.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:20:29.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/163057"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.la/content/dam/www/public/us/en/documents/specification-updates/ipmi-intelligent-platform-mgt-interface-spec-2nd-gen-v2-0-spec-update.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-US/000226504/dsa-2024-295-security-update-for-dell-idrac8-ipmi-session-vulnerability"
},
{
"url": "https://www.kb.cert.org/vuls/id/163057"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDRAC8",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "2.86.86.86"
}
]
},
{
"product": "IPMI",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0, revision 1.1E7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-331 Insufficient Entropy",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T20:35:33.625Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://kb.cert.org/vuls/id/163057"
},
{
"url": "https://www.intel.la/content/dam/www/public/us/en/documents/specification-updates/ipmi-intelligent-platform-mgt-interface-spec-2nd-gen-v2-0-spec-update.pdf"
},
{
"url": "https://www.dell.com/support/kbdoc/en-US/000226504/dsa-2024-295-security-update-for-dell-idrac8-ipmi-session-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient Randomness When Validating an IPMI Authenticated Session",
"x_generator": {
"engine": "VINCE 3.0.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3411"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2024-3411",
"datePublished": "2024-04-30T18:39:36.861Z",
"dateReserved": "2024-04-05T20:48:24.306Z",
"dateUpdated": "2025-11-04T17:20:29.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2014-8272 (GCVE-0-2014-8272)
Vulnerability from cvelistv5 – Published: 2014-12-19 11:00 – Updated: 2024-08-06 13:10- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"name": "35770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"name": "VU#843044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/843044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-02T15:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"name": "35770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"name": "VU#843044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/843044"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-8272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"name": "35770",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"name": "VU#843044",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/843044"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-8272",
"datePublished": "2014-12-19T11:00:00",
"dateReserved": "2014-10-12T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3411 (GCVE-0-2024-3411)
Vulnerability from nvd – Published: 2024-04-30 18:39 – Updated: 2025-11-04 17:20
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:intel:*:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "*",
"vendor": "intel",
"versions": [
{
"status": "affected",
"version": "IPMI 2.0, revision 1.1E7"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-3411",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T15:09:39.893298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T21:17:11.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T17:20:29.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/163057"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.la/content/dam/www/public/us/en/documents/specification-updates/ipmi-intelligent-platform-mgt-interface-spec-2nd-gen-v2-0-spec-update.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-US/000226504/dsa-2024-295-security-update-for-dell-idrac8-ipmi-session-vulnerability"
},
{
"url": "https://www.kb.cert.org/vuls/id/163057"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDRAC8",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "2.86.86.86"
}
]
},
{
"product": "IPMI",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0, revision 1.1E7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an attacker to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-331 Insufficient Entropy",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T20:35:33.625Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://kb.cert.org/vuls/id/163057"
},
{
"url": "https://www.intel.la/content/dam/www/public/us/en/documents/specification-updates/ipmi-intelligent-platform-mgt-interface-spec-2nd-gen-v2-0-spec-update.pdf"
},
{
"url": "https://www.dell.com/support/kbdoc/en-US/000226504/dsa-2024-295-security-update-for-dell-idrac8-ipmi-session-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient Randomness When Validating an IPMI Authenticated Session",
"x_generator": {
"engine": "VINCE 3.0.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3411"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2024-3411",
"datePublished": "2024-04-30T18:39:36.861Z",
"dateReserved": "2024-04-05T20:48:24.306Z",
"dateUpdated": "2025-11-04T17:20:29.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2014-8272 (GCVE-0-2014-8272)
Vulnerability from nvd – Published: 2014-12-19 11:00 – Updated: 2024-08-06 13:10- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"name": "35770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"name": "VU#843044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/843044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-02T15:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"name": "35770",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"name": "VU#843044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/843044"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-8272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"name": "35770",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"name": "VU#843044",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/843044"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-8272",
"datePublished": "2014-12-19T11:00:00",
"dateReserved": "2014-10-12T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-201412-0537
Vulnerability from variot - Updated: 2023-12-18 12:57

The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

Multiple Dell iDRAC products that implement the Intelligent Platform Management Interface (IPMI) v1.5 protocol contain a command injection vulnerability due to a session management issue (CWE-330: Use of Insufficiently Random Values, http://cwe.mitre.org/data/definitions/330.html). Session IDs, which should be random, are assigned in a regular pattern, so the ID of the next session used by a user logging in to Dell iDRAC may be guessed. In addition, because the range of values used as session IDs is small, they are easy to guess by brute-force attack.

In the Dell Computer Corporation, Inc. vendor information for VU#843044 (http://www.kb.cert.org/vuls/id/BLUU-9RDQHM), Dell says:

The legacy nature of the IPMI 1.5 protocol exposes several weaknesses in the overall design and implementation. These are:
- Use of an insecure (unencrypted) channel for communication.
- Poor password management including limited password length.
- Limited session management capability.
These weaknesses are inherent in the overall design and implementation of the protocol, therefore support for the IPMI 1.5 version of the protocol has been permanently removed. This means that it will not be possible to reactivate or enable it in an operational setting.

A remote third party could hijack a connection to Dell iDRAC and execute arbitrary commands. Multiple Dell iDRAC products are prone to a vulnerability that lets attackers inject arbitrary commands. Successful exploits will allow attackers to execute arbitrary commands in the context of the affected application. This may further aid in other attacks.

Dell iDRAC6 modular, iDRAC6 monolithic and iDRAC7 are all system management solutions from Dell, including hardware and software. This solution provides functions such as remote management, crash recovery and power control for Dell PowerEdge systems. … which provides the ability to monitor, control, and automatically report on the health of a large number of servers. A security vulnerability exists in IPMI version 1.5 of several Dell products. The following products and versions are affected: Dell iDRAC6 modular 3.60 and earlier, iDRAC6 monolithic 1.97 and earlier, iDRAC7 1.56.55 and earlier.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0537",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipmi",
"scope": "eq",
"trust": 1.8,
"vendor": "intel",
"version": "1.5"
},
{
"model": "idrac6 modular",
"scope": "lte",
"trust": 1.0,
"vendor": "dell",
"version": "3.60"
},
{
"model": "idrac6 monolithic",
"scope": "lte",
"trust": 1.0,
"vendor": "dell",
"version": "1.97"
},
{
"model": "idrac7",
"scope": "lte",
"trust": 1.0,
"vendor": "dell",
"version": "1.56.55"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell computer",
"version": null
},
{
"model": "idrac6 modular",
"scope": "lte",
"trust": 0.8,
"vendor": "dell",
"version": "version 3.60"
},
{
"model": "idrac6 monolithic",
"scope": "lte",
"trust": 0.8,
"vendor": "dell",
"version": "version 1.97"
},
{
"model": "idrac7 module",
"scope": "lte",
"trust": 0.8,
"vendor": "dell",
"version": "version 1.56.55"
},
{
"model": "idrac6 modular",
"scope": "eq",
"trust": 0.6,
"vendor": "dell",
"version": "3.60"
},
{
"model": "idrac7",
"scope": "eq",
"trust": 0.6,
"vendor": "dell",
"version": "1.56.55"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#843044"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:idrac6_modular:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.60",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:idrac7:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.56.55",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intel:ipmi:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:idrac6_monolithic:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.97",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8272"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yong Chuan Koh",
"sources": [
{
"db": "BID",
"id": "71750"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8272",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "HIGH",
"baseScore": 10.0,
"collateralDamagePotential": "LOW-MEDIUM",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "HIGH",
"enviromentalScore": 6.4,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8272",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "HIGH",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2014-007308",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-76217",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2014-8272",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8272",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8272",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2014-007308",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201412-429",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76217",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-8272",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#843044"
},
{
"db": "VULHUB",
"id": "VHN-76217"
},
{
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack. Intelligent Platform Management Interface (IPMI) v1.5 Multiple implementations of the protocol Dell iDRAC The product contains a command injection vulnerability due to a session management issue. CWE-330: Use of Insufficiently Random Values http://cwe.mitre.org/data/definitions/330.html Sessions where random values should be used ID Is assigned regularly, so Dell iDRAC Next session used by the user logged in ID May be guessed. Also session ID Because the range of values used as is small, it is easy to guess by brute force attacks. Dell Computer Corporation, Inc. Information for VU#843044 (http://www.kb.cert.org/vuls/id/BLUU-9RDQHM) Then Dell Says: * The legacy nature of the IPMI 1.5 protocol exposes several weaknesses in * the overall design and implementation. These are: * Use of an insecure (unencrypted) channel for communication. * Poor password management including limited password length. * Limited session management capability. * These weaknesses are inherent in the overall design and implementation * of the protocol, therefore support for the IPMI 1.5 version of the protocol * has been permanently removed. This means that it will not be possible to * reactivate or enable it in an operational setting.By a remote third party, Dell iDRAC Could be hijacked to connect to and execute arbitrary commands. Multiple Dell iDRAC Products are prone to a vulnerability that lets attackers inject arbitrary commands. \nSuccessful exploits will allow attackers to execute arbitrary commands in the context of the affected application. This may further aid in other attacks. Dell iDRAC6 modular, iDRAC6 monolithic and iDRAC7 are all system management solutions from Dell (Dell) including hardware and software. 
This solution provides functions such as remote management, crash recovery and power control for Dell PowerEdge systems. , which provides the ability to monitor, control, and automatically report on the health of a large number of servers. A security vulnerability exists in IPMI version 1.5 of several Dell products. The following products and versions are affected: Dell iDRAC6 modular 3.60 and earlier, iDRAC6 monolithic 1.97 and earlier, iDRAC7 1.56.55 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"db": "CERT/CC",
"id": "VU#843044"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "BID",
"id": "71750"
},
{
"db": "VULHUB",
"id": "VHN-76217"
},
{
"db": "VULMON",
"id": "CVE-2014-8272"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-76217",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=35770",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76217"
},
{
"db": "VULMON",
"id": "CVE-2014-8272"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8272",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#843044",
"trust": 3.7
},
{
"db": "EXPLOIT-DB",
"id": "35770",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU90515133",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201412-429",
"trust": 0.7
},
{
"db": "BID",
"id": "71750",
"trust": 0.4
},
{
"db": "SEEBUG",
"id": "SSVID-90211",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129952",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-76217",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-8272",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#843044"
},
{
"db": "VULHUB",
"id": "VHN-76217"
},
{
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"db": "BID",
"id": "71750"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"id": "VAR-201412-0537",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76217"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:50.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Intelligent Platform Management Interface (IPMI) Information",
"trust": 0.8,
"url": "http://www.intel.com/content/www/us/en/servers/ipmi/ipmi-home.html"
},
{
"title": "DELL iDRAC 1.57.57 Driver Details",
"trust": 0.8,
"url": "http://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=xh6fx"
},
{
"title": "iDRAC6 Monolithic Release 1.98 Driver Details",
"trust": 0.8,
"url": "http://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=78m0v"
},
{
"title": "iDRAC6 MODULAR 3.65 release Driver Details",
"trust": 0.8,
"url": "http://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=61w8x"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/tdrft6/awesome-rat-master "
},
{
"title": "Awesome-RATs",
"trust": 0.1,
"url": "https://github.com/blackhat-ssg/awesome-rats "
},
{
"title": "RAT-Army",
"trust": 0.1,
"url": "https://github.com/dailyhijacks/rat-army "
},
{
"title": "Rat-Pack",
"trust": 0.1,
"url": "https://github.com/imtheblackpantherxd/rat-pack "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "NVD",
"id": "CVE-2014-8272"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/843044"
},
{
"trust": 2.6,
"url": "http://www.kb.cert.org/vuls/id/bluu-9rdqhm"
},
{
"trust": 1.2,
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=61w8x"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=78m0v"
},
{
"trust": 0.8,
"url": "http://www.dell.com/support/home/us/en/19/drivers/driversdetails?driverid=xh6fx"
},
{
"trust": 0.8,
"url": "http://www.intel.com/content/www/us/en/servers/ipmi/second-gen-interface-spec-v2-rev1-4.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8272"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90515133/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8272"
},
{
"trust": 0.3,
"url": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4357.idrac6-home.aspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=36819"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/35770/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#843044"
},
{
"db": "VULHUB",
"id": "VHN-76217"
},
{
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"db": "BID",
"id": "71750"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#843044"
},
{
"db": "VULHUB",
"id": "VHN-76217"
},
{
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"db": "BID",
"id": "71750"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-18T00:00:00",
"db": "CERT/CC",
"id": "VU#843044"
},
{
"date": "2014-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-76217"
},
{
"date": "2014-12-19T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"date": "2014-12-19T00:00:00",
"db": "BID",
"id": "71750"
},
{
"date": "2014-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"date": "2014-12-19T11:59:05.290000",
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"date": "2014-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-18T00:00:00",
"db": "CERT/CC",
"id": "VU#843044"
},
{
"date": "2015-02-05T00:00:00",
"db": "VULHUB",
"id": "VHN-76217"
},
{
"date": "2015-02-05T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8272"
},
{
"date": "2014-12-19T00:00:00",
"db": "BID",
"id": "71750"
},
{
"date": "2014-12-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007308"
},
{
"date": "2015-02-05T20:13:24.463000",
"db": "NVD",
"id": "CVE-2014-8272"
},
{
"date": "2014-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Dell iDRAC IPMI v1.5 implementations use insufficiently random session ID values",
"sources": [
{
"db": "CERT/CC",
"id": "VU#843044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201412-429"
}
],
"trust": 0.6
}
}
FKIE_CVE-2014-8272
Vulnerability from fkie_nvd - Published: 2014-12-19 11:59 - Updated: 2025-04-12 10:46

| Source | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://www.exploit-db.com/exploits/35770 | Exploit | |
| cret@cert.org | http://www.kb.cert.org/vuls/id/843044 | Third Party Advisory, US Government Resource | |
| cret@cert.org | http://www.kb.cert.org/vuls/id/BLUU-9RDQHM | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/35770 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/843044 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/BLUU-9RDQHM | Third Party Advisory, US Government Resource | |

| Vendor | Product | Version | |
|---|---|---|---|
| dell | idrac6_modular | * | |
| dell | idrac7 | * | |
| intel | ipmi | 1.5 | |
| dell | idrac6_monolithic | * | |

{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:idrac6_modular:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A460E054-878C-4E63-945F-7FC03D07E302",
"versionEndIncluding": "3.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:idrac7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DBDA63-E3CD-486A-864A-9C9B078ACC97",
"versionEndIncluding": "1.56.55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:ipmi:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "21DFF96C-EBE3-4CAC-B281-50C0A2728C10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:idrac6_monolithic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D463D1-92B9-481C-BC39-3E5EDA630A3E",
"versionEndIncluding": "1.97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack."
},
{
"lang": "es",
"value": "La funcionalidad IPMI 1.5 en Dell iDRAC6 modular anterior a 3.65, iDRAC6 monol\u00edtico anterior a 1.98 e iDRAC7 anterior a 1.57.57 no selecciona correctamente los valores ID de sesi\u00f3n, lo que facilita a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de ataques de fuerza bruta."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/330.html\"\u003eCWE-330: Use of Insufficiently Random Values\u003c/a\u003e",
"id": "CVE-2014-8272",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-19T11:59:05.290",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/843044"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/35770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/843044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/BLUU-9RDQHM"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}