CVE-2025-21102

MEDIUM EPSS 5.7%
Published Jan 8, 20251y ago · Modified Jun 17, 20262w ago
4.4 CVSS 3.1
Medium
Find Similar
Published Jan 8, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

CVSS Details

Base Score
4.4
Exploitability
0.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
5.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-256
CWE-522

Affected Products 84

VendorProductVersionRange
dellvxrail_d560_firmware*≥7.0.000  –  <7.0.533
dellvxrail_d560*any
dellvxrail_d560f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_d560f*any
dellvxrail_e460_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e460*any
dellvxrail_e560_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e560*any
dellvxrail_e560_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e560_vcf*any
dellvxrail_e560f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e560f*any
dellvxrail_e560f_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e560f_vcf*any
dellvxrail_e560n_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e560n*any
dellvxrail_e560n_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e560n_vcf*any
dellvxrail_e660_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e660*any
dellvxrail_e660f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e660f*any
dellvxrail_e660n_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e660n*any
dellvxrail_e665_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e665*any
dellvxrail_e665f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e665f*any
dellvxrail_e665n_firmware*≥7.0.000  –  <7.0.533
dellvxrail_e665n*any
dellvxrail_g560_firmware*≥7.0.000  –  <7.0.533
dellvxrail_g560*any
dellvxrail_g560_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_g560_vcf*any
dellvxrail_g560f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_g560f*any
dellvxrail_p470_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p470*any
dellvxrail_p570_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p570*any
dellvxrail_p570_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p570_vcf*any
dellvxrail_p570f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p570f*any
dellvxrail_p570f_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p570f_vcf*any
dellvxrail_p580n_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p580n*any
dellvxrail_p580n_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p580n_vcf*any
dellvxrail_p670f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p670f*any
dellvxrail_p670n_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p670n*any
dellvxrail_p675f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p675f*any
dellvxrail_p675n_firmware*≥7.0.000  –  <7.0.533
dellvxrail_p675n*any
dellvxrail_s470_firmware*≥7.0.000  –  <7.0.533
dellvxrail_s470*any
dellvxrail_s570_firmware*≥7.0.000  –  <7.0.533
dellvxrail_s570*any
dellvxrail_s570_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_s570_vcf*any
dellvxrail_s670_firmware*≥7.0.000  –  <7.0.533
dellvxrail_s670*any
dellvxrail_v470_firmware*≥7.0.000  –  <7.0.533
dellvxrail_v470*any
dellvxrail_v570_firmware*≥7.0.000  –  <7.0.533
dellvxrail_v570*any
dellvxrail_v570_vcf_firmware*≥7.0.000  –  <7.0.533
dellvxrail_v570_vcf*any
dellvxrail_v670f_firmware*≥7.0.000  –  <7.0.533
dellvxrail_v670f*any
dellvxrail_vd-4000r_firmware*≥7.0.000  –  <7.0.533
dellvxrail_vd-4000r*any
dellvxrail_vd-4000w_firmware*≥7.0.000  –  <7.0.533
dellvxrail_vd-4000w*any
dellvxrail_vd-4000z_firmware*≥7.0.000  –  <7.0.533
dellvxrail_vd-4000z*any
dellvxrail_vd-4510c_firmware*≥7.0.000  –  <7.0.533
dellvxrail_vd-4510c*any
dellvxrail_vd-4520c_firmware*≥7.0.000  –  <7.0.533
dellvxrail_vd-4520c*any

References 1

  • dell.com https://www.dell.com/support/kbdoc/en-us/000269793/dsa-2025-027-security-update-for-dell-vxrail-for-multiple-vulnerabilities?ref=emcadvisory_000269793_High_null
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.