VAR-201812-0038
Vulnerability from variot - Updated: 2023-12-18 13:23Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access. Dell EMC iDRAC7 , iDRAC8 , iDRAC9 Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Dell EMC iDRAC is prone to the following security vulnerabilities: 1. A privilege-escalation vulnerability 2. Dell EMC iDRAC7, iDRAC8 and iDRAC9 are all system management solutions of Dell (Dell) including hardware and software. This solution provides functions such as remote management, crash recovery and power control for Dell PowerEdge systems
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "idrac7",
"scope": "lt",
"trust": 1.8,
"vendor": "dell",
"version": "2.61.60.60"
},
{
"model": "idrac8",
"scope": "lt",
"trust": 1.8,
"vendor": "dell",
"version": "2.61.60.60"
},
{
"model": "idrac9",
"scope": "lt",
"trust": 1.8,
"vendor": "dell",
"version": "3.20.21.20"
},
{
"model": "idrac9",
"scope": "lt",
"trust": 1.8,
"vendor": "dell",
"version": "3.21.24.22"
},
{
"model": "idrac9",
"scope": "gte",
"trust": 1.0,
"vendor": "dell",
"version": "3.21.21.21"
},
{
"model": "idrac9",
"scope": "lt",
"trust": 0.8,
"vendor": "dell",
"version": "3.21.26.22"
},
{
"model": "idrac9",
"scope": "lt",
"trust": 0.8,
"vendor": "dell",
"version": "3.23.23.23"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.20.20.20"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.19.19.19"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.18.18.18"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.17.20.17"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.17.18.17"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.17.17.17"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.16.16.16"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.15.19.15"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.15.17.15"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.15.15.15"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.11.11.11"
},
{
"model": "idrac9",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "3.00.00.00"
},
{
"model": "idrac8",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "0"
},
{
"model": "idrac7",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "0"
},
{
"model": "idrac6",
"scope": "eq",
"trust": 0.3,
"vendor": "dell",
"version": "0"
},
{
"model": "idrac9",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "3.23.23.23"
},
{
"model": "idrac9",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "3.21.26.22"
},
{
"model": "idrac9",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "3.21.24.22"
},
{
"model": "idrac9",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "3.20.21.20"
},
{
"model": "idrac8",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "2.61.60.60"
},
{
"model": "idrac7",
"scope": "ne",
"trust": 0.3,
"vendor": "dell",
"version": "2.61.60.60"
}
],
"sources": [
{
"db": "BID",
"id": "106233"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:dell:idrac8_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.61.60.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:dell:idrac9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.21.24.22",
"versionStartIncluding": "3.21.21.21",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:dell:idrac7_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.61.60.60",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:dell:idrac9_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.20.21.20",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15774"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jon Sands and Adam Nielsen",
"sources": [
{
"db": "BID",
"id": "106233"
}
],
"trust": 0.3
},
"cve": "CVE-2018-15774",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-15774",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-126067",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-126069",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "security_alert@emc.com",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.2,
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-15774",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-15774",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "security_alert@emc.com",
"id": "CVE-2018-15774",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-674",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-126067",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-126069",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-15774",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
},
{
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access. Dell EMC iDRAC7 , iDRAC8 , iDRAC9 Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Dell EMC iDRAC is prone to the following security vulnerabilities:\n1. A privilege-escalation vulnerability\n2. Dell EMC iDRAC7, iDRAC8 and iDRAC9 are all system management solutions of Dell (Dell) including hardware and software. This solution provides functions such as remote management, crash recovery and power control for Dell PowerEdge systems",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "BID",
"id": "106233"
},
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
},
{
"db": "VULMON",
"id": "CVE-2018-15774"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-15774",
"trust": 3.0
},
{
"db": "BID",
"id": "106233",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-674",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-15727",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-126067",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201812-673",
"trust": 0.1
},
{
"db": "CNVD",
"id": "CNVD-2020-15728",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-126069",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-15774",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
},
{
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"db": "BID",
"id": "106233"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"id": "VAR-201812-0038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
}
],
"trust": 0.02
},
"last_update_date": "2023-12-18T13:23:54.777000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Dell EMC iDRAC \u306e\u8907\u6570\u306e\u8106\u5f31\u6027 (cve-2018-15774 \u304a\u3088\u3073 cve-2018-15776)",
"trust": 0.8,
"url": "https://www.dell.com/support/article/jp/ja/jpdhs1/sln315190/dell-emc-idrac-\u306e\u8907\u6570\u306e\u8106\u5f31\u6027-cve-2018-15774-\u304a\u3088\u3073-cve-2018-15776?lang=ja"
},
{
"title": "Dell EMC iDRAC Multiple Vulnerabilities (CVE-2018-15774 and CVE-2018-15776)",
"trust": 0.8,
"url": "https://www.dell.com/support/article/jp/ja/jpdhs1/sln315190/dell-emc-idrac-multiple-vulnerabilities-cve-2018-15774-and-cve-2018-15776?lang=en"
},
{
"title": "Dell EMC iDRAC7 , iDRAC8 and iDRAC9 Fixes for permission permissions and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87909"
},
{
"title": "reverse-engineering-dell-idrac-to-get-rid-of-gpu-throttling",
"trust": 0.1,
"url": "https://github.com/l4rz/reverse-engineering-dell-idrac-to-get-rid-of-gpu-throttling "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/chnzzh/idrac-cve-lib "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
},
{
"problemtype": "CWE-388",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.securityfocus.com/bid/106233"
},
{
"trust": 2.2,
"url": "https://www.dell.com/support/article/us/en/19/sln315190/dell-emc-idrac-multiple-vulnerabilities-cve-2018-15774-and-cve-2018-15776-?lang=en"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15774"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15774"
},
{
"trust": 0.3,
"url": "https://www.dellemc.com/en-us/index.htm"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/l4rz/reverse-engineering-dell-idrac-to-get-rid-of-gpu-throttling"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
},
{
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"db": "BID",
"id": "106233"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126067"
},
{
"db": "VULHUB",
"id": "VHN-126069"
},
{
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"db": "BID",
"id": "106233"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-126067"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-126069"
},
{
"date": "2018-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"date": "2018-12-13T00:00:00",
"db": "BID",
"id": "106233"
},
{
"date": "2019-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"date": "2018-12-13T22:29:00.327000",
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"date": "2018-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-126067"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-126069"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-15774"
},
{
"date": "2018-12-13T00:00:00",
"db": "BID",
"id": "106233"
},
{
"date": "2019-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014040"
},
{
"date": "2019-10-09T23:35:52.893000",
"db": "NVD",
"id": "CVE-2018-15774"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Dell iDRAC Vulnerabilities related to authorization, authority, and access control in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014040"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-674"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…