IDRAC: CVE Vulnerabilities | CVE-2000-0146, CVE-2002-0748, CVE-1999-0517 | Securing Virtual Console with TLS 1.2
Summary: This article helps you to formulate the action plan to mitigate the below CVEs while customer reports Vulnerability alerts on IDRAC.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
If our customer reports CVE vulnerabilities on IDRAC with the scan results pointing towards CVE Number, Associated Port, Description as below on the scan report - to mitigate these CVEs kindly see the below steps to change the IDRAC settings as required and suggest the customer rerun the scan.
You may SSH to IDRAC IP or use iDRAC Tools for remote RACADM commands to follow the below steps.
Restrict Webserver to the TLS 1.2 protocol.
Check the current iDRAC Webserver settings.
To set the iDRAC Webserver settings to TLS 1.2
Use the get command to confirm the iDRAC Webserver TLS Protocol settings.
Through IDRAC Graphical user interface - may see the below screenshot.
Verify SNMP Agent "SNMP Community Name" and change the default SNMP Community name from "Public" to specify a different name or alternately select SNMPv3 Protocol.
This below snippet is taken from the TSR report - Hardware - Attributes Section for reference.
Also may see IDRAC Graphical user interface - iDRAC Settings - Network - Services section.
RACADM CLI command to verify the SNMP Agent - SNMP Protocol settings
Here the Legal Values
● 0 — SNMPv1
● 1 — SNMPv2
● 2 — SNMPv3
Command to change Object Value
RACADM command to verify the SNMP Agent - SNMP Community Name
Command to set SNMP Community Name
IDRAC8 RACADM CLI Guide https://dl.dell.com/topicspdf/idrac8-lifecycle-controller-v2818181_cli-guide_en-us.pdf
IDRAC9 RACADM CLI Guide https://dl.dell.com/content/manual11141900-integrated-dell-remote-access-controller-9-racadm-cli-guide.pdf?language=en-us&ps=true
| CVE | Port | Name | Description |
| CVE-2000-0146 | 5900 | Novell GroupWise Enhancement Pack Java Server URL Handling Overflow DoS | The remote web server can become unresponsive by an overly long request: GET /servlet/AAAA...AAAA This attack is known to affect GroupWise servers. |
| CVE-2002-0748 | 5900 | LabVIEW Web Server HTTP Get Newline DoS | It was possible to kill the web server by sending a request that ends with two LF characters instead of the normal sequence CR LF CR LF (CR = carriage return, LF = line feed). An attacker can exploit this vulnerability to make this server and all LabView applications crash. |
| CVE-1999-0517 | 161 | SNMP Agent Default Community Name (public) | It is possible to obtain the default community name of the remote SNMP server. An attacker may use this information to gain more knowledge about the remote host, or to change the configuration of the remote system (if the default community allows such modifications). |
| 5900 | TLS Version 1.1 Protocol Deprecated | The remote service accepts encrypted connections using TLS 1.1. TLS 1.1 lacks support for current and recommended cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM cannot be used with TLS 1.1. As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major web browsers and major vendors. |
You may SSH to IDRAC IP or use iDRAC Tools for remote RACADM commands to follow the below steps.
Restrict Webserver to the TLS 1.2 protocol.
Check the current iDRAC Webserver settings.
racadm get iDRAC.Webserver racadm>>racadm get iDRAC.Webserver [Key=iDRAC.Embedded.1#WebServer.1] CustomCipherString= Enable=Enabled HttpPort=80 HttpsPort=443 HttpsRedirection=Enabled #MaxNumberOfSessions=8 SSLEncryptionBitLength=128-Bit or higher Timeout=1800 TitleBarOption=Auto TitleBarOptionCustom= TLSProtocol=TLS 1.1 and Higher
To set the iDRAC Webserver settings to TLS 1.2
racadm set iDRAC.Webserver.TLSProtocol 2 racadm>>racadm set iDRAC.Webserver.TLSProtocol 2 [Key=iDRAC.Embedded.1#WebServer.1] Object value modified successfully
Use the get command to confirm the iDRAC Webserver TLS Protocol settings.
racadm get iDRAC.Webserver.TLSProtocol racadm>>racadm get iDRAC.Webserver.TLSProtocol [Key=iDRAC.Embedded.1#WebServer.1] TLSProtocol=TLS 1.2 Only
Through IDRAC Graphical user interface - may see the below screenshot.
Verify SNMP Agent "SNMP Community Name" and change the default SNMP Community name from "Public" to specify a different name or alternately select SNMPv3 Protocol.
This below snippet is taken from the TSR report - Hardware - Attributes Section for reference.
Also may see IDRAC Graphical user interface - iDRAC Settings - Network - Services section.
RACADM CLI command to verify the SNMP Agent - SNMP Protocol settings
racadm>>racadm get iDRAC.SNMP.TrapFormat [Key=iDRAC.Embedded.1#SNMP.1] TrapFormat=SNMPv1
Here the Legal Values
● 0 — SNMPv1
● 1 — SNMPv2
● 2 — SNMPv3
Command to change Object Value
racadm>>racadm set iDRAC.SNMP.TrapFormat 2 [Key=iDRAC.Embedded.1#SNMP.1] Object value modified successfully racadm>>racadm get iDRAC.SNMP.TrapFormat [Key=iDRAC.Embedded.1#SNMP.1] TrapFormat=SNMPv3
RACADM command to verify the SNMP Agent - SNMP Community Name
racadm get iDRAC.SNMP.AgentCommunity racadm>>racadm get iDRAC.SNMP.AgentCommunity [Key=iDRAC.Embedded.1#SNMP.1] AgentCommunity=public
Command to set SNMP Community Name
racadm set iDRAC.SNMP.AgentCommunity <String Name> racadm>>racadm set iDRAC.SNMP.AgentCommunity secure [Key=iDRAC.Embedded.1#SNMP.1] Object value modified successfully
IDRAC8 RACADM CLI Guide https://dl.dell.com/topicspdf/idrac8-lifecycle-controller-v2818181_cli-guide_en-us.pdf
IDRAC9 RACADM CLI Guide https://dl.dell.com/content/manual11141900-integrated-dell-remote-access-controller-9-racadm-cli-guide.pdf?language=en-us&ps=true
Affected Products
PowerFlex rack, VxRack, VxRail, iDRAC7, iDRAC8, iDRAC9Article Properties
Article Number: 000208968
Article Type: How To
Last Modified: 20 Aug 2024
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.