CVE-2021-21544

Low

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with…

dell·CWE-602·Published 2021-04-30

CVSS

2.7

EPSS

0.01

KEV

Exploits

cve.orgen

288 chars

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to manipulate the username field under the comment section and set the value to any user.

NVDen

288 chars

NVDes

330 chars

Dell EMC iDRAC9 versiones anteriores a 4.40.00.00, contiene una vulnerabilidad de autenticación inapropiada. Un usuario malicioso autenticado remoto con privilegios elevados podría explotar potencialmente esta vulnerabilidad para manipular el campo username en la sección comment y establecer el valor para cualquier usuario.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N
3.1	Primary	cve.org	2.7	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N