Vulnerability Details CVE-2021-21510
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
References
Products affected by CVE-2021-21510
-
cpe:2.3:o:dell:idrac8_firmware:2.00.00.00
-
cpe:2.3:o:dell:idrac8_firmware:2.30.30.30
-
cpe:2.3:o:dell:idrac8_firmware:2.52.52.52
-
cpe:2.3:o:dell:idrac8_firmware:2.60.60.60
-
cpe:2.3:o:dell:idrac8_firmware:2.61.60.60
-
cpe:2.3:o:dell:idrac8_firmware:2.70.70.70