Red Security
News Researchers Warn of High-Severity Dell PowerEdge Server Flaw - Printable Version

+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News Researchers Warn of High-Severity Dell PowerEdge Server Flaw (/showthread.php?tid=1521)



Researchers Warn of High-Severity Dell PowerEdge Server Flaw - Mr.Kurd - 07-29-2020

In The Name OF Allah
Al-Salam Alekum
[Image: Dell.jpg]



Quote:Researchers have disclosed details of a recently patched, high-severity Dell PowerEdge server flaw, which if exploited could allow an attacker to fully take over and control server operations.


The web vulnerability was found in the Dell EMC iDRAC remote access controller, technology embedded within the latest versions of Dell PowerEdge servers. While the vulnerability was fixed earlier in July, Georgy Kiguradze and Mark Ermolov, the researchers with Positive Technologies who discovered the flaw, published a detailed analysis, Tuesday.

The path traversal vulnerability (CVE-2020-5366), found in Dell EMC iDRAC9 versions prior to 4.20.20.20, is rated as a 7.1 in terms of exploitability, giving it a high-severity vulnerability rating, according to an advisory published online by Dell.



CVE-2020-5366

Source
Wa Salam Alekum