CVE-2024-25943 Information

Description

iDRAC9 versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations contains a session hijacking vulnerability in IPMI. A remote attacker could potentially exploit this vulnerability leading to arbitrary code execution on the vulnerable application.

Reference

https://www.dell.com/support/kbdoc/en-us/000226503/dsa-2024-099-security-update-for-dell-idrac9-ipmi-session-vulnerability