Dell iDRAC CVE-2016-5685, bash vulnerability (old news)

SecuriTeam confused me by reposting a 2016 Dell iDDRAC vulnerability today, but I don’t see anything new. Just in case you weren’t aware of this issue, and you have a Dell system, here’s info on this older vulnerability, see the last link for a PDF-based response from the Dell iDRAC team.

Dell iDRAC team’s response to Common Vulnerabilities and Exposures (CVE) ID CVE-2016-5685 [16 November 2016]
Summary: an authenticated user could gain Bash shell access through a string injection.
Dell Response: update to the latest iDRAC firmware, which remediates this potential vulnerability.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s