PT-2025-28957 · Dell · Dell Powerflex Manager
Published
2025-07-07
·
Updated
2025-07-10
·
CVE-2025-36599
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Dell PowerFlex Manager VM versions prior to 4.6.2.1
Description:
Dell PowerFlex Manager VM is affected by an issue allowing the insertion of sensitive information into log files. A low-privileged attacker with remote access could exploit this, potentially leading to the disclosure of user credentials. An attacker may use these exposed credentials to access the system with the privileges of the compromised account.
Recommendations:
Update Dell PowerFlex Manager VM to version 4.6.2.1 or later.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Powerflex Manager