Content Spoofing / Text Injection Vulnerability in Dell EMC iDRAC8 and iDRAC9

Content Spoofing / Text Injection Vulnerability in Dell EMC iDRAC8 and iDRAC9

CVE-2021-21580 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate.

Learn more about our User Device Pen Test.