Skip to main content

Emc Idrac9 Firmware

9 CVEs product

Monthly

CVE-2021-36301 HIGH PATCH This Week

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Dell Stack Overflow Emc Idrac8 Firmware Emc Idrac9 Firmware
NVD
CVSS 3.1
7.2
EPSS
27.7%
CVE-2021-36300 HIGH PATCH This Week

iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Information Disclosure Emc Idrac9 Firmware
NVD
CVSS 3.1
8.2
EPSS
33.3%
CVE-2021-36299 HIGH PATCH This Week

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Dell SQLi Denial Of Service Information Disclosure Emc Idrac9 Firmware
NVD
CVSS 3.1
8.1
EPSS
29.6%
CVE-2021-21581 MEDIUM This Month

Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell XSS Emc Idrac9 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-21580 MEDIUM This Month

Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Code Injection Emc Idrac8 Firmware Emc Idrac9 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2021-21579 MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Open Redirect Emc Idrac9 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-21578 MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Open Redirect Emc Idrac9 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-21577 MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell XSS Emc Idrac9 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-21576 MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell XSS Emc Idrac9 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
EPSS 28% CVSS 7.2
HIGH PATCH This Week

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Dell Stack Overflow +2
NVD
EPSS 33% CVSS 8.2
HIGH PATCH This Week

iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Information Disclosure Emc Idrac9 Firmware
NVD
EPSS 30% CVSS 8.1
HIGH PATCH This Week

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Dell SQLi Denial Of Service +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell XSS Emc Idrac9 Firmware
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Code Injection Emc Idrac8 Firmware +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Open Redirect Emc Idrac9 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Open Redirect Emc Idrac9 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell XSS Emc Idrac9 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell XSS Emc Idrac9 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy