Home

Description

Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with privileges of the compromised account.

PUBLISHED Reserved 2025-04-20 | Published 2025-09-10 | Updated 2025-09-10 | Assigner dell




MEDIUM: 5.0CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N

Problem types

CWE-256: Plaintext Storage of a Password

Product status

Default status
unaffected

Any version before 19.21 build 11
affected

References

www.dell.com/...ta-manager-multiple-security-vulnerabilities vendor-advisory

cve.org (CVE-2025-43938)

nvd.nist.gov (CVE-2025-43938)

Download JSON