← back
CVE-2014-8272

CVE-2014-8272

EPSS 21.2%
The IPMI 1.5 functionality in Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98, and iDRAC7 before 1.57.57 does not properly select session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/35770unverifiedexploitdbwww.exploit-db.com/exploits/35770unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.exploit-db.com/exploits/35770http://www.kb.cert.org/vuls/id/843044http://www.kb.cert.org/vuls/id/BLUU-9RDQHM