PT-2021-14623 · Dell EMC · iDRAC9
Published: 2021-08-03 · Updated: 2021-08-09 · CVE-2021-21577
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Dell EMC iDRAC9 versions prior to 4.40.40.00
Description
The issue is a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim’s browser by tricking a victim into following a specially crafted link.
Recommendations
For versions prior to 4.40.40.00, update to version 4.40.40.00 or later to resolve the issue. As a temporary workaround, consider restricting access to the iDRAC9 interface to minimize the risk of exploitation. Avoid following specially crafted links from untrusted sources to prevent potential attacks.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
iDRAC9