Remote Access Vulnerability in Dell iDRAC6 Firmware

CVE-2013-4785

Summary

The iDRAC6 web interface is susceptible to a vulnerability that allows remote attackers to manipulate the Command-Line Protocol (CLP) interface for all users. This exposure may permit unauthorized users to exploit the system through an unspecified form accessible from testurls.html. Dell indicates that iDRAC devices should be used on a separate management network, which underscores the importance of network configuration in mitigating such vulnerabilities.

References