{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T13:29:43.728","vulnerabilities":[{"cve":{"id":"CVE-2018-1211","sourceIdentifier":"security_alert@emc.com","published":"2018-03-23T14:29:00.353","lastModified":"2024-11-21T03:59:23.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings."},{"lang":"es","value":"Dell EMC iDRAC7/iDRAC8, en versiones anteriores a la 2.52.52.52, contiene una vulnerabilidad de salto de directorio en su analizador URI del servidor web que podría utilizarse para obtener información sensible específica sin autenticación. Un atacante remoto no autenticado podría leer los ajustes de configuración del iDRAC consultando cadenas URI específicas."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_idrac7:*:*:*:*:*:*:*:*","versionEndExcluding":"2.52.52.52","matchCriteriaId":"E41F5175-E4C0-40BC-A7AD-F0681CED1B35"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:emc_idrac8:*:*:*:*:*:*:*:*","versionEndExcluding":"2.52.52.52","matchCriteriaId":"6DB163F4-B9BB-4360-ADE0-402FB95C52CB"}]}]}],"references":[{"url":"http://en.community.dell.com/techcenter/extras/m/white_papers/20485410","source":"security_alert@emc.com","tags":["Vendor Advisory"]},{"url":"http://en.community.dell.com/techcenter/extras/m/white_papers/20485410","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}