CVE-2018-15774 vulnerability in Dell Products
Published on December 13, 2018

iDRAC7/iDRAC8/iDRAC9 - Privilege Escalation Vulnerability
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access.

NVD

Products Associated with CVE-2018-15774

Want to know whenever a new CVE is published for Dell products? stack.watch will email you.

Dell Idrac7 Firmware

Dell Idrac8 Firmware

Dell Idrac9 Firmware

Affected Versions

Dell EMC iDRAC:

Version iDRAC7 and below 2.61.60.60 is affected.
Version iDRAC8 and below 2.61.60.60 is affected.
Version iDRAC9 and below 3.20.21.20 is affected.
Version iDRAC9 and below 3.23.23.23 is affected.

Exploit Probability

EPSS

0.30%

Percentile

53.16%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-15774 vulnerability in Dell ProductsPublished on December 13, 2018

Products Associated with CVE-2018-15774

Affected Versions

Exploit Probability

CVE-2018-15774 vulnerability in Dell Products
Published on December 13, 2018