CVE-2026-23773
Server-Side Request Forgery in Dell DLm
Publication date: 2026-04-29
Last updated on: 2026-04-29
Assigner: Dell
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | disk_library_for_mainframe | 8700 |
| dell | disk_library_for_mainframe | 2700 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Server-Side Request Forgery (SSRF) found in Dell Disk Library for Mainframe versions DLm 8700/2700. It allows a low privileged attacker with remote access to potentially exploit the system by making the server perform unauthorized requests on their behalf.
Can you explain this vulnerability to me?
This vulnerability is a Server-Side Request Forgery (SSRF) found in Dell Disk Library for Mainframe versions DLm 8700/2700. It allows a low privileged attacker with remote access to potentially exploit the system by making unauthorized requests from the server side.
How can this vulnerability impact me? :
Exploitation of this SSRF vulnerability could allow an attacker to make unauthorized requests from the affected server, potentially accessing internal resources or services that are not directly exposed to the attacker. This could lead to information disclosure or other indirect impacts depending on the internal network configuration.
How can this vulnerability impact me? :
Exploitation of this SSRF vulnerability could allow an attacker to make the affected server send requests to internal or external systems, potentially leading to unauthorized information disclosure or interaction with internal services that are not directly accessible.