CVE-2025-36599
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-09

Last updated on: 2025-07-10

Assigner: Dell

Description
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-09
Last Modified
2025-07-10
Generated
2026-05-06
AI Q&A
2025-07-09
EPSS Evaluated
2026-05-05
NVD
CVE-2025-36599
EUVD
EUVD-2025-20868
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dell powerflex_manager *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-532 The product writes sensitive information to a log file.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in Dell PowerFlex Manager VM versions prior to 4.6.2.1, where sensitive information is inserted into log files. A low privileged attacker with remote access could exploit this to obtain certain user credentials from the logs, potentially allowing them to access the system with the privileges of the compromised account.


How can this vulnerability impact me? :

If exploited, this vulnerability could lead to the disclosure of user credentials, enabling an attacker to gain unauthorized access to the system with the privileges of the compromised account. This could result in unauthorized actions or data exposure depending on the account's permissions.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart