Dell Emc Idrac9 Firmware


By the Year

In 2022 there have been 0 vulnerabilities in Dell Emc Idrac9 Firmware. Last year Emc Idrac9 Firmware had 9 security vulnerabilities published. Right now, Emc Idrac9 Firmware is on track to have fewer security vulnerabilities in 2022 than it did last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 9 6.48
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Emc Idrac9 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Dell Emc Idrac9 Firmware Security Vulnerabilities

iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability

CVE-2021-36300 8.2 - High - November 23, 2021

iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability by sending a specially crafted malicious request to crash the webserver or cause information disclosure.

SQL Injection

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability

CVE-2021-36299 8.1 - High - November 23, 2021

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application.

SQL Injection

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm

CVE-2021-36301 7.2 - High - November 23, 2021

Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.

Memory Corruption

Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability

CVE-2021-21581 6.1 - Medium - August 03, 2021

Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim's browser by tricking a victim into following a specially crafted link.

XSS

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability

CVE-2021-21576 6.1 - Medium - August 03, 2021

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim's browser by tricking a victim into following a specially crafted link.

XSS

Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application

CVE-2021-21580 4.3 - Medium - August 03, 2021

Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate.

Injection

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability

CVE-2021-21579 6.1 - Medium - August 03, 2021

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking victim users into clicking on maliciously crafted links.

Open Redirect

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability

CVE-2021-21578 6.1 - Medium - August 03, 2021

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking victim users into clicking on maliciously crafted links.

Open Redirect

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability

CVE-2021-21577 6.1 - Medium - August 03, 2021

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim's browser by tricking a victim into following a specially crafted link.

XSS
