cve/CVE-2018-1249.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/chnzzh/iDRAC-CVE-lib

787 B Raw Blame History

CVE-2018-1249

Description

POC

Reference

Github

787 B

Raw Blame History