CVE-2025-32750
Exposure of Information Through Directory Listing in Dell PowerFlex Manager
Publication date: 2026-05-20
Last updated on: 2026-05-20
Assigner: Dell
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | powerflex_manager | to 4.6.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-548 | The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Dell PowerFlex Manager versions up to 4.6.2 have a vulnerability where an unauthenticated attacker with remote access can exploit directory listing to expose information.
How can this vulnerability impact me? :
This vulnerability can lead to the exposure of sensitive information without requiring authentication, potentially allowing attackers to access data they should not see.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability in Dell PowerFlex Manager allows an unauthenticated remote attacker to expose information through directory listing. Such exposure of sensitive information could potentially lead to non-compliance with data protection regulations like GDPR and HIPAA, which require the protection of personal and sensitive data from unauthorized access.
However, specific impacts on compliance depend on the nature of the exposed information and the organization's overall security controls.