Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-21544
HistoryApr 30, 2021 - 9:15 p.m.

CVE-2021-21544

2021-04-3021:15:08
CWE-602
CWE-287
[email protected]
web.nvd.nist.gov
66
dell
emc
idrac9
vulnerability
authentication
cve-2021-21544
nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

2.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

4.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.5%

JSON

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to manipulate the username field under the comment section and set the value to any user.

Affected configurations

NVD
Node
dellidrac9_firmwareRange<4.40.00.00

CNA Affected

[
  {
    "product": "Integrated Dell Remote Access Controller (iDRAC)",
    "vendor": "Dell",
    "versions": [
      {
        "lessThan": "4.40.00.00",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nessus 2
cvelist 1
nvd 1
prion
prion
Authentication flaw
2021-04-30 21:15:00
nessus
nessus
Dell iDRAC9 Improper Authentication (CVE-2021-21544)
2024-01-17 00:00:00
Dell iDRAC Multiple Vulnerabilities (DSA-2021-073)
2021-04-23 00:00:00
cvelist
cvelist
CVE-2021-21544
2021-04-14 00:00:00
nvd
nvd
CVE-2021-21544
2021-04-30 21:15:08

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

2.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

4.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.5%

JSON
Related for CVE-2021-21544
prion1nessus2cvelist1nvd1