Vulnerability Details CVE-2016-5685
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2016-5685
-
cpe:2.3:h:dell:idrac7:-
-
cpe:2.3:h:dell:idrac8:-
-
cpe:2.3:o:dell:idrac7_firmware:1.00.00
-
cpe:2.3:o:dell:idrac7_firmware:1.06.06
-
cpe:2.3:o:dell:idrac7_firmware:1.10.10
-
cpe:2.3:o:dell:idrac7_firmware:1.20.20
-
cpe:2.3:o:dell:idrac7_firmware:1.23.23
-
cpe:2.3:o:dell:idrac7_firmware:1.37.35
-
cpe:2.3:o:dell:idrac7_firmware:1.40.40
-
cpe:2.3:o:dell:idrac7_firmware:2.30.30.30
-
cpe:2.3:o:dell:idrac8_firmware:2.00.00.00
-
cpe:2.3:o:dell:idrac8_firmware:2.30.30.30