VDB
WID-SEC-W-2024-1437
WID-SEC-W-2024-1437
PUBLISHED
Der integrierte Dell Remote Access Controller (iDRAC) ermöglicht eine Out-of-Band-Verwaltung auf bestimmten Dell-Servern.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell integrated Dell Remote Access Controller 7.00.00.172 | ||
| Dell integrated Dell Remote Access Controller <7.00.00.172 | ||
| Dell integrated Dell Remote Access Controller <7.10.30.00 | ||
| Dell integrated Dell Remote Access Controller 7.00.00.171 | ||
| Dell integrated Dell Remote Access Controller <7.00.00.171 | ||
| Dell integrated Dell Remote Access Controller <7.10.50.00 | ||
| Dell Avamar Gen5a <Hotfix 338868 | ||
| Dell integrated Dell Remote Access Controller 7.10.30.00 | ||
| Dell Avamar Gen5a Hotfix 338868 | ||
| Dell integrated Dell Remote Access Controller 7.10.50.00 |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1437.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1437 (circl)
- https://www.dell.com/support/kbdoc/de-de/000226353/dsa-2024-223-security-update-for-dell-idrac9-vulnerability (circl)
- https://www.dell.com/support/kbdoc/de-de/000226356/dsa-2024-286-security-update-for-dell-idrac9-vulnerability (circl)
- https://www.dell.com/support/kbdoc/de-de/000304933/dsa-2025-167-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities (circl)
Timeline
- Jun 24, 2024 CVE Published
- Apr 7, 2025 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1437.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1437 advisory
- https://www.dell.com/support/kbdoc/de-de/000226353/dsa-2024-223-security-update-for-dell-idrac9-vulnerability url
- https://www.dell.com/support/kbdoc/de-de/000226356/dsa-2024-286-security-update-for-dell-idrac9-vulnerability url
- https://www.dell.com/support/kbdoc/de-de/000304933/dsa-2025-167-security-update-for-dell-avamar-data-store-gen5a-multiple-third-party-component-vulnerabilities url