CVE-2021-21505
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-21505
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an undocumented default iDRAC account. A remote unauthenticated attacker, with the knowledge of the default credentials, could potentially exploit this to log in to the system to gain root privileges.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
凭证管理
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Azure和Microsoft Azure Stack 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Azure和Microsoft Azure Stack都是美国微软(Microsoft)公司的产品。Microsoft Azure是一套开放的企业级云计算平台。Microsoft Azure Stack是一款基于Azure云平台的混合云计算软件解决方案。该产品支持构建和部署混合应用程序。 Dell EMC integration System for Microsoft Azure Stack Hub 1906-2011版本存在安全漏洞,该漏洞允许远程的未经身份验证的攻击者登录到系统以
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Dell | Dell EMC Integrated System for Microsoft Azure Stack Hub | unspecified ~ 2102 | - |
II. Public POCs for CVE-2021-21505
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-21505
请登录查看更多情报信息。
Same Patch Batch · Dell · 2021-05-06 · 3 CVEs total
| CVE-2021-21527 | 6.0 MEDIUM | Dell Technologies Dell PowerScale OneFS 操作系统命令注入漏洞 |
| CVE-2021-21550 | 6.0 MEDIUM | DELL EMC PowerScale 操作系统命令注入漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-255
- CVE-2021-37000
Huawei HarmonyOS Wearables安全漏洞 - CVE-2021-28509
TerminAttr streams MACsec sensitive data in clear text to ot - CVE-2021-28508
TerminAttr streams IPsec sensitive data in clear text to oth - CVE-2022-25327
Local Denial of Service in fscrypt PAM module - CVE-2020-8968
Parallels Remote Application Server credentials management e
V. Comments for CVE-2021-21505
No comments yet