PT-2021-21243 · Dell+1 · Idrac8+2

Published

2021-12-16

Updated

2022-02-01

CVE-2021-36347

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions iDRAC9 versions prior to 5.00.20.00 iDRAC8 versions prior to 2.82.82.82

Description The issue is a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system.

Recommendations For iDRAC9 versions prior to 5.00.20.00, update to version 5.00.20.00 or later to resolve the issue. For iDRAC8 versions prior to 2.82.82.82, update to version 2.82.82.82 or later to resolve the issue.

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

CVE-2021-36347

Affected Products

Check Point Gaia

Idrac8

Idrac9

PT-2021-21243 · Dell+1 · Idrac8+2

CVE-2021-36347

Weakness Enumeration

Related Identifiers

Affected Products

References · 6