CVE-2025-46425 | THREATINT

Description

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

PUBLISHED Reserved 2025-04-24 | Published 2025-10-24 | Updated 2025-10-25 | Assigner dell

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-611: Improper Restriction of XML External Entity Reference

Product status

Default status

unaffected

Any version before 2020 R1.21

affected

Credits

Dell would like to thank Ahmed Y. Elmogy for reporting this issue. finder

References

www.dell.com/...-center-dell-storage-manager-vulnerabilities vendor-advisory

cve.org (CVE-2025-46425)

nvd.nist.gov (CVE-2025-46425)

Download JSON