Vulnerability Details CVE-2021-36347
iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.2%
CVSS Severity
CVSS v3 Score 6.2
CVSS v2 Score 9.0
References
Products affected by CVE-2021-36347
-
cpe:2.3:h:dell:integrated_dell_remote_access_controller_8:-
-
cpe:2.3:h:dell:integrated_dell_remote_access_controller_9:-
-
cpe:2.3:o:dell:integrated_dell_remote_access_controller_8_firmware:-
-
cpe:2.3:o:dell:integrated_dell_remote_access_controller_9_firmware:-