Klaas Demter

#12298of 53,632
22.2Total CVSS
Vulnerabilities · 3
High
3
PT-2025-1065
7.5
2025-01-08
Dell · Dell Vxrail · CVE-2025-21111
**Name of the Vulnerable Software and Affected Versions** Dell VxRail versions 8.0.000 through 8.0.311 **Description** The issue is related to the storage of critical information in plaintext, which could allow an attacker to expose protected information. A high-privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure. **Recommendations** For Dell VxRail versions 8.0.000 through 8.0.311, consider disabling the storage of passwords in plaintext as a temporary workaround until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. Update to a version that contains a fix for this vulnerability when available.
PT-2025-4192
7.5
2025-01-08
Dell · Dell Vxrail · CVE-2025-21102
**Name of the Vulnerable Software and Affected Versions** Dell VxRail versions 7.0.000 through 7.0.532 **Description** The issue concerns a plaintext storage of a password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure. **Recommendations** For versions 7.0.000 through 7.0.532, consider disabling local access for high privileged users until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-35716
7.2
2024-12-11
Dell · Dell Vxverify · CVE-2024-53292
**Name of the Vulnerable Software and Affected Versions** Dell VxVerify versions prior to x.40.405 **Description** The issue concerns a Plain-text Password Storage Vulnerability in the shell wrapper of Dell VxVerify. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable component with privileges of the compromised account. **Recommendations** For versions prior to x.40.405, update to version x.40.405 or later to resolve the Plain-text Password Storage Vulnerability. As a temporary workaround, consider restricting access to the shell wrapper to minimize the risk of exploitation.