CVE-2013-4783 (GCVE-0-2013-4783)

Vulnerability from cvelistv5 – Published: 2013-07-08 22:00 – Updated: 2024-08-06 16:52
VLAI
Summary
The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet."
Severity
No CVSS data available.
CWE
  • n/a
Assigner
Date Public
2013-02-22 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:52:27.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.wired.com/threatlevel/2013/07/ipmi/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero"
          },
          {
            "name": "93039",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/show/osvdb/93039"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://fish2.com/ipmi/cipherzero.html"
          },
          {
            "name": "[Freeipmi-devel] 20130222 The Infamous Cipher Zero, I presume?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.  NOTE: the vendor disputes the significance of this issue, stating \"DRAC\u0027s are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-09-27T09:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.wired.com/threatlevel/2013/07/ipmi/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero"
        },
        {
          "name": "93039",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/show/osvdb/93039"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://fish2.com/ipmi/cipherzero.html"
        },
        {
          "name": "[Freeipmi-devel] 20130222 The Infamous Cipher Zero, I presume?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-4783",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.  NOTE: the vendor disputes the significance of this issue, stating \"DRAC\u0027s are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx",
              "refsource": "MISC",
              "url": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx"
            },
            {
              "name": "http://www.wired.com/threatlevel/2013/07/ipmi/",
              "refsource": "MISC",
              "url": "http://www.wired.com/threatlevel/2013/07/ipmi/"
            },
            {
              "name": "http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero",
              "refsource": "MISC",
              "url": "http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero"
            },
            {
              "name": "93039",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/show/osvdb/93039"
            },
            {
              "name": "ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf",
              "refsource": "MISC",
              "url": "ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf"
            },
            {
              "name": "http://fish2.com/ipmi/cipherzero.html",
              "refsource": "MISC",
              "url": "http://fish2.com/ipmi/cipherzero.html"
            },
            {
              "name": "[Freeipmi-devel] 20130222 The Infamous Cipher Zero, I presume?",
              "refsource": "MLIST",
              "url": "https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-4783",
    "datePublished": "2013-07-08T22:00:00.000Z",
    "dateReserved": "2013-07-08T00:00:00.000Z",
    "dateUpdated": "2024-08-06T16:52:27.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2013-4783",
      "date": "2026-07-16",
      "epss": "0.03384",
      "percentile": "0.87437"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:dell:idrac6_bmc:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3F5CD3D-EFF6-41DA-AB2F-FF172F5CD1FC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.  NOTE: the vendor disputes the significance of this issue, stating \\\"DRAC\u0027s are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.\\\"\"}, {\"lang\": \"es\", \"value\": \"El dispositivo iDRAC6 de Dell con versiones de firmware 1.x anteriores a 1.92 y versiones 2.x y versiones 3.x anteriores a 3.42, e iDRAC7 con versi\\u00f3n de firmware anterior a 1.23.23, permite a los atacantes remotos omitir la autenticaci\\u00f3n y ejecutar comandos IPMI arbitrarios usando el conjunto de cifrado 0 (tambi\\u00e9n se conoce como cifrado cero) y una contrase\\u00f1a arbitraria. NOTA: el proveedor cuestiona la importancia de este problema, declarando que  \\\"Los DRAC est\\u00e1n destinados a estar en una red de administraci\\u00f3n separada; no est\\u00e1n dise\\u00f1ados ni destinados a ser conectados o conectados a Internet\\\".\"}]",
      "id": "CVE-2013-4783",
      "lastModified": "2024-11-21T01:56:23.990",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-07-08T22:55:01.137",
      "references": "[{\"url\": \"ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://fish2.com/ipmi/cipherzero.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/show/osvdb/93039\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.wired.com/threatlevel/2013/07/ipmi/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://fish2.com/ipmi/cipherzero.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/show/osvdb/93039\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.wired.com/threatlevel/2013/07/ipmi/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4783\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-07-08T22:55:01.137\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.  NOTE: the vendor disputes the significance of this issue, stating \\\"DRAC\u0027s are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.\\\"\"},{\"lang\":\"es\",\"value\":\"El dispositivo iDRAC6 de Dell con versiones de firmware 1.x anteriores a 1.92 y versiones 2.x y versiones 3.x anteriores a 3.42, e iDRAC7 con versi\u00f3n de firmware anterior a 1.23.23, permite a los atacantes remotos omitir la autenticaci\u00f3n y ejecutar comandos IPMI arbitrarios usando el conjunto de cifrado 0 (tambi\u00e9n se conoce como cifrado cero) y una contrase\u00f1a arbitraria. NOTA: el proveedor cuestiona la importancia de este problema, declarando que  \\\"Los DRAC est\u00e1n destinados a estar en una red de administraci\u00f3n separada; no est\u00e1n dise\u00f1ados ni destinados a ser conectados o conectados a Internet\\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:dell:idrac6_bmc:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3F5CD3D-EFF6-41DA-AB2F-FF172F5CD1FC\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://fish2.com/ipmi/cipherzero.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/show/osvdb/93039\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.wired.com/threatlevel/2013/07/ipmi/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.dell.com/Manuals/Common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_FAQ2_en-us.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://fish2.com/ipmi/cipherzero.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/show/osvdb/93039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.wired.com/threatlevel/2013/07/ipmi/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…