Vulnerabilities > Dell > EMC Idrac9 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-23 | CVE-2021-36299 | SQL Injection vulnerability in Dell EMC Idrac9 Firmware Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL injection vulnerability. | 8.1 |
| 2021-11-23 | CVE-2021-36300 | Unspecified vulnerability in Dell EMC Idrac9 Firmware iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. | 8.2 |
| 2021-11-23 | CVE-2021-36301 | Out-of-bounds Write vulnerability in Dell EMC Idrac8 Firmware and EMC Idrac9 Firmware Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. | 7.2 |
| 2021-08-03 | CVE-2021-21576 | Cross-site Scripting vulnerability in Dell EMC Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. | 6.1 |
| 2021-08-03 | CVE-2021-21577 | Cross-site Scripting vulnerability in Dell EMC Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. | 6.1 |
| 2021-08-03 | CVE-2021-21578 | Open Redirect vulnerability in Dell EMC Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. | 6.1 |
| 2021-08-03 | CVE-2021-21579 | Open Redirect vulnerability in Dell EMC Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. | 6.1 |
| 2021-08-03 | CVE-2021-21580 | Injection vulnerability in Dell EMC Idrac8 Firmware and EMC Idrac9 Firmware Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate. | 4.3 |
| 2021-08-03 | CVE-2021-21581 | Cross-site Scripting vulnerability in Dell EMC Idrac9 Firmware Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. | 6.1 |