vulnerability

Dell iDRAC: CVE-2021-21542: DSA-2021-073: Dell iDRAC 9 Security Update for Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	2021-04-14	2023-11-03	2023-11-08

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

2021-04-14

Added

2023-11-03

Modified

2023-11-08

Description

Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges could potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected while generating a certificate. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.

Solution

dell-idrac-upgrade-latest

References

URL-https://www.dell.com/support/kbdoc/000185293
CVE-2021-21542
https://attackerkb.com/topics/CVE-2021-21542

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today