CVE-2025-36572 | THREATINT

Description

Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based on the hardcoded account's privileges.

PUBLISHED Reserved 2025-04-15 | Published 2025-05-28 | Updated 2025-05-28 | Assigner dell

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-798: Use of Hard-coded Credentials

Product status

Default status

unaffected

Any version before 4.0.1.3-2494147

affected

References

www.dell.com/...security-update-for-multiple-vulnerabilities vendor-advisory

cve.org (CVE-2025-36572)

nvd.nist.gov (CVE-2025-36572)

Download JSON