Arbitrary Command Execution Risk in Dell iDRAC Products
CVE-2014-8272

Currently unrated

Key Information:

Vendor

Dell
Status
Idrac6 Modular
Vendor
CVE Published:
19 December 2014

What is CVE-2014-8272?

The IPMI 1.5 functionality in select Dell iDRAC versions fails to securely manage session ID values, enabling remote attackers to potentially execute arbitrary commands via brute-force methods. This vulnerability affects multiple iDRAC versions, posing a serious security concern for systems relying on this management interface. To mitigate risks, users are advised to update to the latest firmware versions and implement additional security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/BLUU-9RDQHM
x_refsource_CONFIRM
http://www.exploit-db.com/exploits/35770
exploitx_refsource_EXPLOIT-DB
http://www.kb.cert.org/vuls/id/843044
third-party-advisoryx_refsource_CERT-VN

EPSS Score

53% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.