cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-25943,https://securityvulnerability.io/vulnerability/CVE-2024-25943,Dell iDRAC9 Session Hijacking Vulnerability Affects Multiple Generations,"The iDRAC9 interface from Dell, particularly in certain versions, contains a vulnerability related to session hijacking within the Intelligent Platform Management Interface (IPMI). This security flaw allows a remote attacker to exploit the session management process, potentially gaining unauthorized access and executing arbitrary code on the targeted application. This vulnerability highlights the importance of maintaining updated firmware to protect against such remote exploitation risks.",Dell,Integrated Dell Remote Access Controller 9,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-06-29T12:52:27.699Z,0
CVE-2022-34435,https://securityvulnerability.io/vulnerability/CVE-2022-34435,Improper Input Validation in Dell iDRAC9 Firmware,"Dell iDRAC9 versions up to 6.00.02.00 are vulnerable due to improper input validation in the Racadm command-line utility when firmware lock-down is enabled. This weakness allows a remote attacker with elevated privileges to bypass the firmware lock-down and execute unauthorized firmware updates, potentially compromising the security and stability of affected devices. It's crucial for users to assess their systems and implement security measures to mitigate this vulnerability.",Dell,Integrated Dell Remote Access Controller 9,2.7,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2023-01-18T11:07:45.399Z,0
CVE-2022-24422,https://securityvulnerability.io/vulnerability/CVE-2022-24422,Improper Authentication Vulnerability in Dell iDRAC9 Products,"Dell iDRAC9, specifically versions ranging from 5.00.00.00 to just below 5.10.10.00, contains a vulnerability that allows a remote attacker to bypass authentication mechanisms. This exploitation could enable unauthorized access to the VNC Console, posing a significant risk to the security of affected systems. Users of these versions should prioritize security updates to mitigate potential threats.",Dell,Integrated Dell Remote Access Controller 9,9.6,CRITICAL,0.004610000178217888,false,,false,false,false,,,false,false,,2022-05-26T16:15:00.000Z,0