Article Number: 000222591
High
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-25951 | A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system. | 8.0 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
---|---|---|---|
CVE-2024-25951 | A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system. | 8.0 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|---|
CVE-2024-25951 | iDRAC8 | iDRAC8 | Versions prior to 2.85.85.85 | 2.85.85.85 | iDRAC 2.85.85.85 |
CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
---|---|---|---|---|---|
CVE-2024-25951 | iDRAC8 | iDRAC8 | Versions prior to 2.85.85.85 | 2.85.85.85 | iDRAC 2.85.85.85 |
none
Dell Technologies would like to thank NCC Group for reporting this issue.
Revision | Date | Description |
---|---|---|
1.0 | 2024-02-29 | Initial Release |
Dell DL1300, Dell DL4300, Dell DR4300, Dell DR4300e, Dell DR6300, Dell XC430 Hyper-converged Appliance, Dell XC430 Xpress Hyper-converged Appliance, Dell Storage NX3230, Dell Storage NX3330, Dell Storage NX430
29 Feb 2024
1
Dell Security Advisory