CVE-2018-1212

Name of the Vulnerable Software and Affected Versions Dell EMC iDRAC6 versions prior to 2.91 Dell EMC iDRAC6 Modular all versions

Description The web-based diagnostics console contains a command injection issue. A remote authenticated malicious user with access to the diagnostics console could potentially exploit this to execute arbitrary commands as root on the affected system.

Recommendations For versions prior to 2.91, update to version 2.91 or later to resolve the issue. For Modular versions, at the moment, there is no information about a newer version that contains a fix for this issue.