Support Center > Search Results > SecureKnowledge Details
Check Point Response to CVE-2022-24422: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability Technical Level
Symptoms
  • Dell published CVE-2022-24422 for iDRAC9 versions 5.00.00.00 and higher but lower than 5.10.10.00. These versions contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to gain access to the VNC Console.
    For more information, refer to CVE-2022-24422.

Cause
Solution
Important Note: If you have not enabled iDRAC (as described in sk122914), your Smart-1 appliance is not affected.

If you have enabled iDRAC, upgrade to the final version for your Smart-1 appliance model. For instructions, refer to sk122914 - Enabling LOM (iDRAC) Management for Smart-1 525/5050/5150/625/6000-L/6000-XL/600-M Appliances (section: iDRAC Firmware Upgrade Path).

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment