CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-36299

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.4%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.5

References

https://support.emc.com/kb/000191229
https://support.emc.com/kb/000191229

Products affected by CVE-2021-36299

Dell » Emc Idrac9 Firmware » Version: 4.40.00.00

cpe:2.3:o:dell:emc_idrac9_firmware:4.40.00.00
Dell » Emc Idrac9 Firmware » Version: 4.40.10.00

cpe:2.3:o:dell:emc_idrac9_firmware:4.40.10.00
Dell » Emc Idrac9 Firmware » Version: 4.40.20.00

cpe:2.3:o:dell:emc_idrac9_firmware:4.40.20.00
Dell » Emc Idrac9 Firmware » Version: 5.00.00.00

cpe:2.3:o:dell:emc_idrac9_firmware:5.00.00.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36299

Products

Pricing

Contact Us