CVE-2025-43888

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Dell PowerProtect Data Manager versions 19.19 and 19.20

Description: Dell PowerProtect Data Manager, Hyper-V, versions 19.19 and 19.20 contain a vulnerability that allows the insertion of sensitive information into log files. A low-privileged attacker with local access could potentially exploit this issue, leading to unauthorized access.

Recommendations: For Dell PowerProtect Data Manager version 19.19, implement measures to restrict access to log files. For Dell PowerProtect Data Manager version 19.20, implement measures to restrict access to log files.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

BDU:2025-11425

CVE-2025-43888

Affected Products

Dell Powerprotect Data Manager

CVE-2025-43888

Weakness Enumeration

Related Identifiers

Affected Products

References · 8