How severe is CVE-2021-29209?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2021-29209?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2021-29209 - MEDIUM Severity | CVSS 4.8

Vulnerability Description

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.

Related Vulnerabilities

CVE-2021-29208

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-29210

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-30057

MEDIUM

CVSS:4.8(Medium)

A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.

CWE-742021

CVE-2022-22344

MEDIUM

CVSS:4.8(Medium)

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct v...

CWE-742022

CVE-2023-4157

MEDIUM

CVSS:4.8(Medium)

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.

CWE-742023

CVE-2023-4843

MEDIUM

CVSS:4.8(Medium)

Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administ...

CWE-742023