exploitDog

CVE-2025-46425

Опубликовано: 24 окт. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Ссылки

https://www.dell.com/support/kbdoc/en-us/000382899/dsa-2025-393-security-update-for-storage-center-dell-storage-manager-vulnerabilities
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dell:storage_manager:*:*:*:*:*:*:*:*

Версия до 2020 (исключая)

cpe:2.3:a:dell:storage_manager:2020:r1:*:*:*:*:*:*

cpe:2.3:a:dell:storage_manager:2020:r1.10:*:*:*:*:*:*

cpe:2.3:a:dell:storage_manager:2020:r1.2:*:*:*:*:*:*

cpe:2.3:a:dell:storage_manager:2020:r1.20:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00079

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-611

Связанные уязвимости

GHSA-jjx4-28q5-r3gr

CVSS3: 6.5

github

4 месяца назад

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

EPSS

Процентиль: 24%

0.00079

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-611