cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-1244,https://securityvulnerability.io/vulnerability/CVE-2018-1244,iDRAC7/iDRAC8/iDrac9 contains a command injection vulnerability in the SNMP agent.,"Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled.",Dell,"Idrac7,Idrac8,Idrac9",8.8,HIGH,0.001019999966956675,false,,false,false,false,,,false,false,,2018-07-02T17:29:00.000Z,0
CVE-2018-1249,https://securityvulnerability.io/vulnerability/CVE-2018-1249,iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs,Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server.,Dell,Idrac9,6.5,MEDIUM,0.0016199999954551458,false,,false,false,false,,,false,false,,2018-07-02T17:29:00.000Z,0