Dell IDRAC Weak SessionID Vulnerability Network Vulnerability

Summary

IPMI v1.5 SessionID's are not randomized sufficiently across different channels.

Impact

A remote attacker might be able to execute arbitrary commands via a brute-force attack.

Solution

Updates from Dell are available which will disable IPMI v1.5. As a workaround disable IPMI v1.5.

Insight

Dell iDRAC6 and iDRAC7 does not properly randomize session ID values, which makes it easier for remote attackers to execute arbitrary commands via a brute-force attack.

Affected

Dell iDRAC6 modular before 3.65, iDRAC6 monolithic before 1.98 and iDRAC7 before 1.57.57.

Detection

Checks randomness of the session ID's by activating sessions.

References

https://labs.mwrinfosecurity.com/blog/2015/01/08/cve-2014-8272/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-8272

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)
Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
Apache Tomcat servlet/JSP container default files

Dell iDRAC Weak SessionID Vulnerability

Take action and discover your vulnerabilities