CVE-2025-43994 | THREATINT

Description

Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

PUBLISHED Reserved 2025-04-21 | Published 2025-10-24 | Updated 2025-10-24 | Assigner dell

HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Problem types

CWE-306: Missing Authentication for Critical Function

Product status

Default status

unaffected

Any version before 2020 R1.21

affected

Credits

Dell would like to thank Tenable for reporting the issue. finder

References

www.dell.com/...-center-dell-storage-manager-vulnerabilities vendor-advisory

cve.org (CVE-2025-43994)

nvd.nist.gov (CVE-2025-43994)

Download JSON