{"vuid":"VU#920038","idnumber":"920038","name":"Dell iDRAC 6 and iDRAC 7 are vulnerable to a cross-site scripting (XSS) attack","keywords":["Dell","iDRAC","cross-site scripting","XSS","CWE-79","CVE-2013-3589"],"overview":"Dell iDRAC 6 version 1.41, Dell iDRAC 7 version 1.40.40 and possibly earlier versions contain a reflected cross-site scripting (XSS) (CWE-79) vulnerability.","clean_desc":"CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Dell iDRAC 6 version 1.41 and Dell iDRAC 7 version 1.40.40's administrative web interface login page can allow remote attackers to inject arbitrary script via the vulnerable query string parameter ErrorMsg.","impact":"A remote unauthenticated attacker may be able to execute arbitrary script in the context of the user's browser.","resolution":"We are currently unaware of a practical solution to this problem. Please consider the following workarounds.","workarounds":"Apply an Update Firmware updates will be posted to the Dell support page when available. Users should download the appropriate update for the version of iDRAC they have installed: iDRAC6 “monolithic” (rack and towers) – FW version 1.96; targeted release date is Q4CY13. iDRAC7 all models – FW version 1.46.45; target release date is mid/late September 2013. NOTE: iDRAC6 “modular” (blades) are not affected; no updates are required. Restrict access As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS attacks since the attack comes as an HTTP request from a legitimate user's host. Restricting access would prevent an attacker from accessing the Dell iDRAC web interface using stolen credentials from a blocked network location.","sysaffected":"","thanks":"Thanks to Tudor Enache of Help AG Middle East for reporting this vulnerability.","author":"This document was written by Adam Rauf.","public":["http://cwe.mitre.org/data/definitions/79.html","http://en.community.dell.com/techcenter/systems-management/w/wiki/4357.idrac6-home.aspx","http://www.dell.com/learn/us/en/555/solutions/integrated-dell-remote-access-controller-idrac","http://support.dell.com/"],"cveids":["CVE-2013-3589"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2013-07-01T17:01:52Z","publicdate":"2013-09-23T00:00:00Z","datefirstpublished":"2013-09-23T14:02:13Z","dateupdated":"2013-09-24T19:28:17Z","revision":25,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"C","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"W","cvss_reportconfidence":"ND","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"8.5","cvss_basevector":"AV:N/AC:L/Au:N/C:P/I:C/A:N","cvss_temporalscore":"7.7","cvss_environmentalscore":"1.9","cvss_environmentalvector":"CDP:ND/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}