VAR-201307-0418
Vulnerability from variot - Updated: 2023-12-18 12:21The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.". Dell Integrated Remote Access Controller ( iDRAC ) 6 is the US Dell ( Dell ) company's system management solution that includes hardware and software. The program is Dell PowerEdge The system provides functions such as remote management, crashed system recovery, and power control. Dell iDRAC6 BMC There is a loophole in the implementation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201307-0418",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "idrac6 bmc",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "*"
},
{
"model": "integrated dell remote access controller 6",
"scope": "eq",
"trust": 0.8,
"vendor": "dell",
"version": "bmc"
},
{
"model": "idrac6 bmc",
"scope": null,
"trust": 0.6,
"vendor": "dell",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:dell:idrac6_bmc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4783"
}
]
},
"cve": "CVE-2013-4783",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-4783",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-64785",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4783",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-120",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-64785",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-4783",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64785"
},
{
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating \"DRAC\u0027s are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.\". Dell Integrated Remote Access Controller ( iDRAC ) 6 is the US Dell ( Dell ) company\u0027s system management solution that includes hardware and software. The program is Dell PowerEdge The system provides functions such as remote management, crashed system recovery, and power control. Dell iDRAC6 BMC There is a loophole in the implementation",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "VULHUB",
"id": "VHN-64785"
},
{
"db": "VULMON",
"id": "CVE-2013-4783"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4783",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "93039",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201307-120",
"trust": 0.7
},
{
"db": "MLIST",
"id": "[FREEIPMI-DEVEL] 20130222 THE INFAMOUS CIPHER ZERO, I PRESUME?",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-64785",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-4783",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64785"
},
{
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"id": "VAR-201307-0418",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-64785"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:21:40.612000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Dell response to US-CERT (United States Computer Emergency Readiness Team) TA13-207A: IPMI TechAlert",
"trust": 0.8,
"url": "ftp://ftp.dell.com/manuals/common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_faq2_en-us.pdf"
},
{
"title": "Integrated Dell Remote Access Controller 6",
"trust": 0.8,
"url": "http://ja.community.dell.com/techcenter/b/weblog/archive/2011/03/31/quot-idrac6-quot.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dell.com/"
},
{
"title": "How to check if IPMI Cipher 0 is off",
"trust": 0.8,
"url": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/chnzzh/idrac-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64785"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "NVD",
"id": "CVE-2013-4783"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://fish2.com/ipmi/cipherzero.html"
},
{
"trust": 1.8,
"url": "http://www.metasploit.com/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero"
},
{
"trust": 1.8,
"url": "http://www.wired.com/threatlevel/2013/07/ipmi/"
},
{
"trust": 1.8,
"url": "https://lists.gnu.org/archive/html/freeipmi-devel/2013-02/msg00013.html"
},
{
"trust": 1.8,
"url": "http://osvdb.org/show/osvdb/93039"
},
{
"trust": 1.2,
"url": "ftp://ftp.dell.com/manuals/common/integrated-dell-remote-access-cntrllr-6-for-monolithic-srvr-v1.95_faq2_en-us.pdf"
},
{
"trust": 1.2,
"url": "http://en.community.dell.com/techcenter/systems-management/w/wiki/4929.how-to-check-if-ipmi-cipher-0-is-off.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4783"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4783"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/chnzzh/idrac-cve-lib"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64785"
},
{
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-64785"
},
{
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-64785"
},
{
"date": "2013-07-08T00:00:00",
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"date": "2013-07-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"date": "2013-07-08T22:55:01.137000",
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"date": "2013-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-27T00:00:00",
"db": "VULHUB",
"id": "VHN-64785"
},
{
"date": "2013-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2013-4783"
},
{
"date": "2013-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003249"
},
{
"date": "2013-09-27T03:47:07.290000",
"db": "NVD",
"id": "CVE-2013-4783"
},
{
"date": "2013-08-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell iDRAC of BMC Vulnerabilities that prevent authentication from being implemented",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003249"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-120"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.