exploitDog

CVE-2025-46608

Опубликовано: 12 нояб. 2025

Источник: nvd

CVSS3: 9.1

CVSS3: 7.2

EPSS Низкий

Описание

Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.

Ссылки

https://www.dell.com/support/kbdoc/en-us/000390529/dsa-2025-375-security-update-for-dell-data-lakehouse-multiple-vulnerabilities
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dell:data_lakehouse:*:*:*:*:*:*:*:*

Версия до 1.6.0.0 (исключая)

EPSS

Процентиль: 21%

0.00068

Низкий

9.1 Critical

CVSS3

7.2 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-2w4c-q6mw-hcjx

CVSS3: 9.1

github

3 месяца назад

Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.

EPSS

Процентиль: 21%

0.00068

Низкий

9.1 Critical

CVSS3

7.2 High

CVSS3

Дефекты

CWE-284