exploitDog

CVE-2021-21578

Опубликовано: 03 авг. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.

Ссылки

https://www.dell.com/support/kbdoc/000189193
Vendor Advisory
https://www.dell.com/support/kbdoc/000189193
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:dell:emc_idrac9_firmware:*:*:*:*:*:*:*:*

Версия до 4.40.40.00 (исключая)

EPSS

Процентиль: 71%

0.00692

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

CWE-601

Связанные уязвимости

GHSA-x9c2-w2wv-5pw5

github

больше 3 лет назад

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links.

EPSS

Процентиль: 71%

0.00692

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

CWE-601