PT-2025-31850 · Dell · Dell Avamar
Published
2025-08-04
·
Updated
2026-02-17
·
CVE-2025-21120
CVSS v3.1
8.3
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
Dell Avamar versions prior to 19.12 with patch 338905
Dell Avamar version 19.10SP1 with patch 338904 is excluded.
Description
Dell Avamar contains a Trusting HTTP Permission Methods on the Server-Side issue in Security. A low privileged attacker with remote access could potentially exploit this issue, leading to Information exposure.
Recommendations
Update Dell Avamar to version 19.12 with patch 338905 or later.
Apply patch 338905 to versions prior to 19.12.
Do not use Dell Avamar version 19.10SP1 with patch 338904.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Avamar