Dell iDRAC 6 version 1.41, Dell iDRAC 7 version 1.40.40 and possibly earlier versions contain a reflected cross-site scripting (XSS) (CWE-79) vulnerability.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Dell iDRAC 6 version 1.41 and Dell iDRAC 7 version 1.40.40's administrative web interface login page can allow remote attackers to inject arbitrary script via the vulnerable query string parameter ErrorMsg.
A remote unauthenticated attacker may be able to execute arbitrary script in the context of the user's browser.
We are currently unaware of a practical solution to this problem. Please consider the following workarounds.
Apply an Update
As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS attacks since the attack comes as an HTTP request from a legitimate user's host. Restricting access would prevent an attacker from accessing the Dell iDRAC web interface using stolen credentials from a blocked network location.
Thanks to Tudor Enache of Help AG Middle East for reporting this vulnerability.
This document was written by Adam Rauf.
|Date First Published:||2013-09-23|
|Date Last Updated:||2013-09-24 19:28 UTC|