CVE-2018-1244 vulnerability in Dell Products
Published on July 2, 2018

iDRAC7/iDRAC8/iDrac9 contains a command injection vulnerability in the SNMP agent.
Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled.

NVD

Products Associated with CVE-2018-1244

Want to know whenever a new CVE is published for Dell products? stack.watch will email you.

Dell Idrac7 Firmware

Dell Idrac8 Firmware

Dell Idrac9 Firmware

Affected Versions

Dell EMC iDRAC7:

Version unspecified and below 2.60.60.60 is affected.

Dell EMC iDRAC8:

Version unspecified and below 2.60.60.60 is affected.

Dell EMC iDRAC9:

Version unspecified and below 3.21.21.21 is affected.

Exploit Probability

EPSS

1.79%

Percentile

82.55%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1244 vulnerability in Dell ProductsPublished on July 2, 2018

Products Associated with CVE-2018-1244

Affected Versions

Exploit Probability

CVE-2018-1244 vulnerability in Dell Products
Published on July 2, 2018