vulnerability

Dell iDRAC: CVE-2019-3706: DSA-2019-028: Dell EMC iDRAC Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	Dec 8, 2020	Nov 3, 2023	Nov 26, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Dec 8, 2020

Added

Nov 3, 2023

Modified

Nov 26, 2025

Description

Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface.

Solution

dell-idrac-upgrade-latest

References

URL-https://www.dell.com/support/kbdoc/en-us/000180622/dsa-2019-028-dell-emc-idrac-multiple-vulnerabilities-1
CVE-2019-3706
https://attackerkb.com/topics/CVE-2019-3706

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today