Cross-Site Scripting Vulnerability in Dell iDRAC6 and iDRAC7 Products
CVE-2013-3589

Currently unrated

Key Information:

Vendor: Dell
Status: Idrac6 Firmware; Idrac6 Monolithic
Vendor: CVE Published:; 24 September 2013

What is CVE-2013-3589?

A Cross-site scripting (XSS) vulnerability exists in the login page of the Administrative Web Interface for Dell iDRAC6 and iDRAC7 devices. This flaw allows remote attackers to inject arbitrary web scripts or HTML by manipulating the ErrorMsg parameter. Devices running firmware prior to version 1.96 for iDRAC6 and 1.46.45 for iDRAC7 are impacted, potentially exposing sensitive information and compromising security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/BLUU-997QVW

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/920038

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 24, 2013

JSON

Dell

What is CVE-2013-3589?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.