Denial of Service Vulnerability in Dell iDRAC8 Product
CVE-2022-24423

5.3MEDIUM

Key Information:

Vendor: Dell
Status: Integrated Dell Remote Access Controller 8
Vendor: CVE Published:; 21 April 2022

What is CVE-2022-24423?

Dell iDRAC8 versions before 2.83.83.83 are vulnerable to a denial of service flaw. This vulnerability allows remote unauthenticated attackers to potentially exploit the system, leading to resource exhaustion of the webserver. As a result, users may experience a denial of service condition, hampering the availability and functionality of the affected systems. Organizations utilizing Dell iDRAC8 should take immediate action to update their systems to the latest version to mitigate this security risk.

Affected Version(s)

Integrated Dell Remote Access Controller 8 < 2.83.83.83

References

https://www.dell.com/support/kbdoc/en-us/000198064/dsa-20...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2022
Vulnerability Reserved
Feb 4, 2022