CVE-2021-21585

Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.
References
Link Resource
https://www.dell.com/support/kbdoc/000189673 Patch Vendor Advisory
https://www.dell.com/support/kbdoc/000189673 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:openmanage_enterprise:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:48

Type Values Removed Values Added
CVSS v2 : 9.0
v3 : 7.2
v2 : 9.0
v3 : 9.1
References () https://www.dell.com/support/kbdoc/000189673 - Patch, Vendor Advisory () https://www.dell.com/support/kbdoc/000189673 - Patch, Vendor Advisory

Information

Published : 2021-08-09 21:15

Updated : 2024-11-21 05:48


NVD link : CVE-2021-21585

Mitre link : CVE-2021-21585

CVE.ORG link : CVE-2021-21585


JSON object : View

Products Affected

dell

  • openmanage_enterprise
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')