Lucene search
China National Vulnerability DatabaseCNVD-2021-94893HistoryAug 04, 2021 - 12:00 a.m.
Dell EMC iDRAC9 and EMC iDRAC8 Spoofing Vulnerability
2021-08-0400:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
33.8%
Dell EMC iDRAC9 is the United States Dell (DELL) company’s set of hardware and software system management solutions. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems.Dell EMC iDRAC8 versions prior to 2.80.80.80 and Dell EMC iDRAC9 versions prior to 5.00.00.00 are vulnerable to spoofing. A remote attacker can exploit the vulnerability with a malicious URL to inject text to display a custom message on the application, thereby convincing the user of the legitimacy of the message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| DELL Dell EMC iDRAC9 <5. | eq | 00.00.00 | |
| Dell Dell EMC iDRAC8 <2. | eq | 80.80.80 |
Related
cvelist
cvelist
CVE-2021-21580
2021-06-30 00:00:00
cve
cve
CVE-2021-21580
2021-08-03 16:15:08
prion
prion
Code injection
2021-08-03 16:15:00
nvd
nvd
CVE-2021-21580
2021-08-03 16:15:08
nessus
nessus
Dell EMC Injection (CVE-2021-21580)
2024-01-17 00:00:00