CVE-2025-46608
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-12-05
Assigner: Dell
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | data_lakehouse | to 1.6.0.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Access Control issue in Dell Data Lakehouse versions prior to 1.6.0.0. It allows a high privileged attacker with remote access to potentially exploit the system to gain elevated privileges, which means they can perform actions beyond their authorized level.
How can this vulnerability impact me? :
The impact of this vulnerability includes unauthorized access with elevated privileges, which can compromise system integrity and customer data. This could lead to critical security breaches, data loss, or manipulation by attackers.
What immediate steps should I take to mitigate this vulnerability?
Dell recommends customers upgrade to the latest version of Dell Data Lakehouse to mitigate this vulnerability at the earliest opportunity.