### [CVE-2019-3764](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3764)
![](https://img.shields.io/static/v1?label=Product&message=Integrated%20Dell%20Remote%20Access%20Controller%20(iDRAC)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%20iDRAC7%3A%202.65.65.65%2C%20iDRAC8%3A%202.70.70.70%2C%20iDRAC9%3A%203.40.40.40%20and%203.36.36.36%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%3A%20Improper%20Authorization&color=brighgreen)
### Description
Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. A remote authenticated malicious iDRAC user with low privileges may potentially exploit this vulnerability to obtain sensitive information such as password hashes.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/chnzzh/iDRAC-CVE-lib