MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2025-36572

CVSS 6.5v3.1pub. 2025-05-28upd. 2025-06-09

Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to gain unauthorized access based on the hardcoded account's privileges.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Dell Powerstore 1000t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 1200t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 3000t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 3200q

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 3200t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 5000t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 500t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 5200t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 7000t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 9000t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstore 9200t

    HW
    Dell
    wszystkie wersje
  • Dell Powerstoreos

    OS
    Dell
    < 4.0.1.3-2494147
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-32478CRITICAL9.0ten sam produkt

Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnera...

CVE-2022-26869CRITICAL9.8ten sam produkt

Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenti...

CVE-2024-51532HIGH7.1ten sam produkt

Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')...

CVE-2023-32449HIGH7.2ten sam produkt

Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerabili...

CVE-2022-26870HIGH7.0ten sam produkt

Dell PowerStore versions 2.1.0.x contain an Authentication bypass vulnerability. A remote unauthenticated atta...