Undocumented Default iDRAC Account Vulnerability in Dell EMC Integrated System for Microsoft Azure Stack Hub

Undocumented Default iDRAC Account Vulnerability in Dell EMC Integrated System for Microsoft Azure Stack Hub

CVE-2021-21505 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain root privileges.

Learn more about our Azure Audit.