{"vulnerability": "CVE-2021-2158", "sightings": [{"uuid": "21aac3af-cdf2-4f0e-8ce7-ed03d94effb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21584", "type": "seen", "source": "https://t.me/cibsecurity/27033", "content": "\u203c CVE-2021-21584 \u203c\n\nDell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T00:36:39.000000Z"}, {"uuid": "c35285a0-bc76-4305-b8a3-8ea86c7a0b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21585", "type": "seen", "source": "https://t.me/cibsecurity/27031", "content": "\u203c CVE-2021-21585 \u203c\n\nDell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T00:36:37.000000Z"}, {"uuid": "7dc4ffbf-3bbb-4b8e-be6c-ab3eb7ba74b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21580", "type": "seen", "source": "https://t.me/cibsecurity/26766", "content": "\u203c CVE-2021-21580 \u203c\n\nDell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T20:29:02.000000Z"}, {"uuid": "fffb362f-668b-42f3-a3b2-1f402d71e57b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21581", "type": "seen", "source": "https://t.me/cibsecurity/26761", "content": "\u203c CVE-2021-21581 \u203c\n\nDell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim\u00e2\u20ac\u2122s browser by tricking a victim in to following a specially crafted link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T20:28:55.000000Z"}, {"uuid": "228959eb-f35d-4ff8-a4dc-fdf313b1a7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21586", "type": "seen", "source": "https://t.me/cibsecurity/26190", "content": "\u203c CVE-2021-21586 \u203c\n\nWyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-15T20:26:59.000000Z"}]}