Vulnerability Description
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain root privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Emc Integrated System For Microsoft Azure Stack Hub Firmware | >= 1906, <= 2011 |
| Dell | Emc Integrated System For Microsoft Azure Stack Hub | - |
Related Weaknesses (CWE)
References
- https://www.dell.com/support/kbdoc/en-us/000186008/dsa-2021-020-dell-emc-integraVendor Advisory
- https://www.dell.com/support/kbdoc/en-us/000186008/dsa-2021-020-dell-emc-integraVendor Advisory
FAQ
What is CVE-2021-21505?
CVE-2021-21505 is a vulnerability with a CVSS score of 8.0 (HIGH). Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default cred...
How severe is CVE-2021-21505?
CVE-2021-21505 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-21505?
Check the references section above for vendor advisories and patch information. Affected products include: Dell Emc Integrated System For Microsoft Azure Stack Hub Firmware, Dell Emc Integrated System For Microsoft Azure Stack Hub.