Security Advisory

CVE-2018-1249

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-07-02 17:00:00

Last updated 2024-09-17 03:19:03

Assigner dell

State PUBLISHED

Description

Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server.

← Browse all CVEs View on cve.org ↗