CVE-2024-0171

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dell:poweredge_r6615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r6615:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:dell:poweredge_r7615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r7615:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:dell:poweredge_r6625_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r6625:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:dell:poweredge_r7625_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_r7625:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:dell:poweredge_c6615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:poweredge_c6615:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:dell:xc_core_xc7625_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:dell:xc_core_xc7625:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-06-25 16:15

Updated : 2024-11-21 08:45


NVD link : CVE-2024-0171

Mitre link : CVE-2024-0171

CVE.ORG link : CVE-2024-0171


JSON object : View

Products Affected

dell

  • poweredge_r6615_firmware
  • poweredge_r7625_firmware
  • poweredge_c6615_firmware
  • xc_core_xc7625
  • poweredge_r6625_firmware
  • poweredge_r7615
  • poweredge_r7615_firmware
  • poweredge_c6615
  • xc_core_xc7625_firmware
  • poweredge_r6625
  • poweredge_r7625
  • poweredge_r6615
CWE
CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition