Vulnerabilities > Dell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-30 | CVE-2021-21543 | Cross-site Scripting vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.00.00 contain multiple stored cross-site scripting vulnerabilities. | 4.8 |
| 2021-04-30 | CVE-2021-21542 | Cross-site Scripting vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.10.00 contain multiple stored cross-site scripting vulnerabilities. | 4.8 |
| 2021-04-30 | CVE-2021-21541 | Cross-site Scripting vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a DOM-based cross-site scripting vulnerability. | 6.1 |
| 2021-04-30 | CVE-2021-21537 | Information Exposure vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. | 5.5 |
| 2021-04-30 | CVE-2021-21536 | Information Exposure vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. | 5.5 |
| 2021-04-20 | CVE-2021-21526 | OS Command Injection vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS 8.1.0 - 9.1.0 contains a privilege escalation in SmartLock compliance mode that may allow compadmin to execute arbitrary commands as root. | 6.7 |
| 2021-04-02 | CVE-2021-21533 | Improper Input Validation vulnerability in Dell Wyse Management Suite Wyse Management Suite versions up to 3.2 contains a vulnerability wherein a malicious authenticated user can cause a denial of service in the job status retrieval page, also affecting other users that would have normally access to the same subset of job details | 4.3 |
| 2021-04-02 | CVE-2021-21532 | Improper Input Validation vulnerability in Dell Wyse Thinos 8.6 Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper management server validation vulnerability that could be potentially exploited to redirect a client to an attacker-controlled management server, thus allowing the attacker to change the device configuration or certificate file. | 6.3 |
| 2021-04-02 | CVE-2021-21529 | Resource Exhaustion vulnerability in Dell System Update Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. | 5.5 |
| 2021-03-08 | CVE-2021-21510 | Injection vulnerability in Dell Idrac8 Firmware Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. | 6.1 |