ГлавнаяУязвимости → CVE-2024-0172
7.9высокая

CVE-2024-0172

Описание

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.

Затрагиваемое ПО
Dell Poweredge r660 firmwareDell Poweredge r660Dell Poweredge r760 firmwareDell Poweredge r760Dell Poweredge c6620 firmwareDell Poweredge c6620Dell Poweredge mx760c firmwareDell Poweredge mx760cDell Poweredge r860 firmwareDell Poweredge r860Dell Poweredge r960 firmwareDell Poweredge r960Dell Poweredge hs5610 firmwareDell Poweredge hs5610Dell Poweredge hs5620 firmwareDell Poweredge hs5620Dell Poweredge r660xs firmwareDell Poweredge r660xsDell Poweredge r760xs firmwareDell Poweredge r760xsDell Poweredge r760xd2 firmwareDell Poweredge r760xd2Dell Poweredge t560 firmwareDell Poweredge t560Dell Poweredge r760xa firmware
CVSS
Балл7.9 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
Источники
https://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerabilityhttps://www.dell.com/support/kbdoc/en-us/000223727/dsa-2024-035-security-update-for-dell-poweredge-server-bios-for-an-improper-privilege-management-security-vulnerability