Ana içeriğe atla
Oturumu Kapat

Dell'e Hoş Geldiniz

Hesabım
  • Hızla ve kolayca sipariş verin
  • Siparişleri görüntüleyin ve kargonuzun durumunu izleyin
  • Ürünlerinizin listesini oluşturun ve listeye erişin
Oturum Aç Hesap oluşturun Premier Oturum Açma İş Ortağı Programı Oturum Açma
Bize Ulaşın

DSA-2022-069: Dell iDRAC8 Security Update for a Denial of Service Vulnerability

Summary: Dell iDRAC8 remediation is available for webserver vulnerability that could be exploited by malicious users to compromise the affected system.

Bu makale şunlar için geçerlidir: Bu makale şunlar için geçerli değildir: Bu makale, belirli bir ürüne bağlı değildir. Bu makalede tüm ürün sürümleri tanımlanmamıştır.
Diğer kaynaklara göz atın

Impact

Medium

Details

Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector String
CVE-2022-24423 Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition. 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector String
CVE-2022-24423 Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition. 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Etkilenen Ürünler ve Düzeltme

Product Affected Version(s) Updated Version(s) Link to Update
Dell iDRAC8 Versions prior to 2.83.83.83 2.83.83.83 https://www.dell.com/support/home/drivers/driversdetails?driverid=ddk5r
Product Affected Version(s) Updated Version(s) Link to Update
Dell iDRAC8 Versions prior to 2.83.83.83 2.83.83.83 https://www.dell.com/support/home/drivers/driversdetails?driverid=ddk5r

Geçici Çözümler ve Risk Azaltma

None.

Revision History

RevisionDateDescription
1.02022-04-11Initial Release

Acknowledgements

Dell Technologies would like to thank Ken Pyle from CYBIR for reporting this issue.
 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Yasal Uyarı

Etkilenen Ürünler

iDRAC8, iDRAC7/8 with Lifecycle Controller Version 2.50.50.50, iDRAC7/8 with Lifecycle Controller Version 2.52.52.52, iDRAC7/8 with Lifecycle Controller Version 2.60.60.60, iDRAC7/8 with Lifecycle Controller Version 2.61.60.60 , iDRAC7/8 with Lifecycle Controller Version 2.62.60.60, iDRAC7/8 with Lifecycle Controller Version 2.63.60.61, iDRAC8 with Lifecycle Controller Version 2.12.12.12, iDRAC8 with Lifecycle Controller Version 2.14.14.12, iDRAC8 with Lifecycle Controller Version 2.17.17.13, iDRAC8 with Lifecycle Controller Version 2.18.17.13, iDRAC8 with Lifecycle Controller Version 2.30.119.30, iDRAC8 with Lifecycle Controller Version 2.35.35.35, iDRAC8 with Lifecycle Controller Version 2.42.110.40, iDRAC8 with Lifecycle Controller Version 2.45.45.40, iDRAC8 with Lifecycle Controller Version 2.55.55.50, iDRAC8 with Lifecycle Controller version 2.70.70.70, iDRAC8 with Lifecycle Controller version 2.75.75.75, iDRAC8 with Lifecycle Controller version 2.80.80.80, iDRAC8 with Lifecycle Controller version 2.81.81.81, iDRAC8 with Lifecycle Controller version 2.82.82.82, iDRAC8 with Lifecycle Controller Version 2.04.02.01, iDRAC8 with Lifecycle Controller Version 2.05.05.05, iDRAC8 with Lifecycle Controller Version 2.23.23.21, iDRAC8 with Lifecycle Controller Version 2.00.00.00, iDRAC8 with Lifecycle Controller Version 2.02.01.01, Product Security Information ...
Makale Özellikleri
Article Number: 000198064
Article Type: Dell Security Advisory
Son Değiştirme: 11 Nis 2022
Sorularınıza diğer Dell kullanıcılarından yanıtlar bulun
Destek Hizmetleri
Aygıtınızın Destek Hizmetleri kapsamında olup olmadığını kontrol edin.