
Description

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.

PUBLISHED Reserved 2025-01-06 | Published 2025-11-06 | Updated 2025-11-06 | Assigner dell




MEDIUM: 6.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status: unaffected
Any version before 7.00.00.181: affected

Default status: unaffected
6.10.80.00 (semver) before 7.20.10.50: affected

Default status: unaffected
Any version before 1.20.25.00: affected

References

www.dell.com/...-for-dell-idrac9-and-idrac10-vulnerabilities vendor-advisory

cve.org (CVE-2025-22397)

nvd.nist.gov (CVE-2025-22397)
