vulnerability

Dell iDRAC: CVE-2019-3706: DSA-2019-028: Dell EMC iDRAC Multiple Vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Dec 8, 2020

Added

Nov 3, 2023

Modified

Nov 26, 2025

Description

Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface.

Solution

dell-idrac-upgrade-latest

References

https://www.dell.com/support/kbdoc/en-us/000180622/dsa-2019-028-dell-emc-idrac-multiple-vulnerabilities-1
CVE-2019-3706
https://attackerkb.com/topics/CVE-2019-3706

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report