Home

Description

Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user may exploit and gain parallel privilege escalation or access to the database to obtain confidential information.

PUBLISHED Reserved 2025-04-23 | Published 2025-11-05 | Updated 2025-11-06 | Assigner dell




MEDIUM: 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-256: Plaintext Storage of a Password

Product status

Default status
unaffected

Any version before 8.1.1
affected

Credits

Dell would like to thank n3k From TIANGONG Team of Legendsec at QI-ANXIN Group for reporting this issue. finder

References

www.dell.com/...-cloudlink-multiple-security-vulnerabilities vendor-advisory

cve.org (CVE-2025-46366)

nvd.nist.gov (CVE-2025-46366)

Download JSON