CVE-2021-21579
Description
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking victim users into clicking on maliciously crafted links.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell EMC iDRAC9 versions before 4.40.40.00 contain an open redirect vulnerability exploitable by remote unauthenticated attackers to redirect users to arbitrary URLs.
Vulnerability
Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. The issue allows a remote unauthenticated attacker to redirect users to arbitrary web URLs by tricking them into clicking maliciously crafted links [1].
Exploitation
An attacker can exploit this vulnerability by sending a crafted link to a victim. The victim must click the link for the exploit to succeed. No authentication or special network position is required, as the attack is remote and user interaction is the only prerequisite [1].
Impact
Successful exploitation leads to an open redirect, which can be used for phishing attacks. The CVSS score is 6.1 (Medium), with low impact on confidentiality and integrity, and no impact on availability [1].
Mitigation
The vulnerability is fixed in iDRAC9 version 4.40.40.00 and later. Users should update to the latest firmware version available from Dell's support site [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: unspecified
References
[1] www.dell.com/support/kbdoc/000189193 (mitre, x_refsource_MISC)