PT-2025-31850 · Dell · Dell Avamar
Published
2025-08-04
·
Updated
2025-08-04
·
CVE-2025-21120
CVSS v3.1
8.3
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Dell Avamar
Published
2025-08-04
·
Updated
2025-08-04
·
CVE-2025-21120
8.3
High
| Base vector | Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions:
Dell Avamar versions prior to 19.12 with patch 338905
Dell Avamar version 19.10SP1 with patch 338904 is excluded.
Description:
Dell Avamar contains a Trusting HTTP Permission Methods on the Server-Side issue in Security. A low privileged attacker with remote access could potentially exploit this issue, leading to Information exposure.
Recommendations:
Update Dell Avamar to version 19.12 with patch 338905 or later.
Apply patch 338905 to versions prior to 19.12.
Do not use Dell Avamar version 19.10SP1 with patch 338904.
Fix