CVE-2018-1249 is a vulnerability in Dell Idrac9 Firmware
Published on July 2, 2018

iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs
Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server.

NVD

Products Associated with CVE-2018-1249

Want to know whenever a new CVE is published for Dell Idrac9 Firmware? stack.watch will email you.

Dell Idrac9 Firmware

Affected Versions

Dell EMC iDRAC9:

Version unspecified and below 3.21.21.21 is affected.

Exploit Probability

EPSS

0.51%

Percentile

66.28%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1249 is a vulnerability in Dell Idrac9 FirmwarePublished on July 2, 2018

Products Associated with CVE-2018-1249

Affected Versions

Exploit Probability

CVE-2018-1249 is a vulnerability in Dell Idrac9 Firmware
Published on July 2, 2018