Redfish Interface Privilege Escalation Vulnerability in Dell EMC iDRAC
CVE-2018-15774 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access.
Learn more about our User Device Pen Test.