DSA-2024-295: Security Update for Dell iDRAC8 IPMI session Vulnerability
Dell iDRAC8 mitigation is available for predictable IPMI 2.0 session IDs that could be exploited by malicious users to compromise the affected system.
Summary:Dell iDRAC8 mitigation is available for predictable IPMI 2.0 session IDs that could be exploited by malicious users to compromise the affected system.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
For iDRAC8 mitigation, disable IPMI over LAN. IPMI is disabled by default, but if required it can be disabled in the iDRAC web interface by navigating to Overview -> iDRAC Settings -> Network -> IPMI Settings.