CVE-2019-3707
HIGHDell EMC iDRAC9 < 3.30.30.30 - Authentication Bypass via WS-MAN Interface
Title source: llmDescription
Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted input data to the WS-MAN interface.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.dell.com/support/article/us/en/04/sln316930/dsa-2019-028-dell-emc-idrac-multiple-vulnerabilities?lang=en
Scores
CVSS v3
8.6
EPSS
0.0179
EPSS Percentile
83.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Details
Status
published
Products (1)
dell/idrac9_firmware
< 3.30.30.30
Published
Apr 26, 2019
Tracked Since
Feb 18, 2026