← Back

Emc Idrac9 Firmware

emc_idrac9_firmware

Vendor: Dell • 9 CVEs

CVEs (9)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-36301
1Dell
2Emc Idrac8 Firmware
Emc Idrac9 Firmware
Nov 21, 2024
Nov 23, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process e...Show more
Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.Show less
CVE-2021-36300
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Nov 23, 2021
N/A· v4
8.2 HIGH· v3
6.4 MEDIUM· v2
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability by sending a specially crafted malicious request to cr...Show more
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability by sending a specially crafted malicious request to crash the webserver or cause information disclosure.Show less
CVE-2021-36299
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Nov 23, 2021
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerabili...Show more
Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application.Show less
CVE-2021-21581
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Aug 3, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by trick...Show more
Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link.Show less
CVE-2021-21580
1Dell
2Emc Idrac8 Firmware
Emc Idrac9 Firmware
Nov 21, 2024
Aug 3, 2021
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the applic...Show more
Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate.Show less
CVE-2021-21579
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Aug 3, 2021
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users t...Show more
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.Show less
CVE-2021-21578
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Aug 3, 2021
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users t...Show more
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.Show less
CVE-2021-21577
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Aug 3, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browse...Show more
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link.Show less
CVE-2021-21576
1Dell
1Emc Idrac9 Firmware
Nov 21, 2024
Aug 3, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browse...Show more
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim in to following a specially crafted link.Show less