Detections
Analytics

Dell iDRAC6 Improper Authentication (CVE-2013-4783)

critical Tenable OT Security Plugin ID 501892

Synopsis

The remote OT asset is affected by a vulnerability.

Description

The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. NOTE: the vendor disputes the significance of this issue, stating DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?bbbee7cf

http://www.nessus.org/u?706abaa4

http://fish2.com/ipmi/cipherzero.html

http://osvdb.org/show/osvdb/93039

http://www.nessus.org/u?63022bc4

http://www.wired.com/threatlevel/2013/07/ipmi/

http://www.nessus.org/u?c9f54a37

Plugin Details

Severity: Critical

ID: 501892

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 1/17/2024

Updated: 1/18/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-4783

Vulnerability Information

CPE: cpe:/h:dell:idrac6_bmc

Required KB Items: Tenable.ot/Dell

Exploit Ease: No known exploits are available

Patch Publication Date: 7/8/2013

Vulnerability Publication Date: 7/8/2013

Reference Information

CVE: CVE-2013-4783

CWE: 287

OSVDB: 93039