Vulnerability Details CVE-2019-3706
Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 10.0
Products affected by CVE-2019-3706
- cpe:2.3:o:dell:idrac9_firmware:3.20.21.20
- cpe:2.3:o:dell:idrac9_firmware:3.21.24.22
- cpe:2.3:o:dell:idrac9_firmware:3.23.23.23