CVE-2025-22478
HIGH WAF: High
CVSS 8.1
Published: 2025-05-06
CWE-611
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.
WAF Coverage Analysis
XML External Entity (XXE)
High WAF Coverage
OWASP: A05:2021 Security Misconfiguration
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| dell | storage_manager | 16.3.20 |
| dell | storage_manager | 2016 |
| dell | storage_manager | 2020 |
| dell | storage_manager | 2020 |
| dell | storage_manager | 2020 |
| dell | storage_manager | 2020 |
References
- www.dell.com (Vendor Advisory)