Article Number: 000198064
Medium
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-24423 | Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition. | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
| Proprietary Code CVE(s) | Description | CVSS Base Score | CVSS Vector String |
| CVE-2022-24423 | Dell iDRAC8 versions prior to 2.83.83.83 contain a denial of service vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to cause resource exhaustion in the webserver, resulting in a denial of service condition. | 5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| Dell iDRAC8 | Versions prior to 2.83.83.83 | 2.83.83.83 | https://www.dell.com/support/home/drivers/driversdetails?driverid=ddk5r |
| Product | Affected Version(s) | Updated Version(s) | Link to Update |
| Dell iDRAC8 | Versions prior to 2.83.83.83 | 2.83.83.83 | https://www.dell.com/support/home/drivers/driversdetails?driverid=ddk5r |
None.
Dell Technologies would like to thank Ken Pyle from CYBIR for reporting this issue.
| Revision | Date | Description |
| 1.0 | 2022-04-11 | Initial Release |
Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide
iDRAC8, iDRAC7/8 with Lifecycle Controller Version 2.50.50.50, iDRAC7/8 with Lifecycle Controller Version 2.52.52.52, iDRAC7/8 with Lifecycle Controller Version 2.60.60.60, iDRAC7/8 with Lifecycle Controller Version 2.61.60.60See more
11 Apr 2022
1
Dell Security Advisory