8
CVE-2025-22476
- EPSS 0.22%
- Veröffentlicht 06.05.2025 16:08:47
- Zuletzt bearbeitet 04.11.2025 17:07:09
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Remote execution.Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Storage Manager Version < 2020
Dell ≫ Storage Manager Version2020 Updater1
Dell ≫ Storage Manager Version2020 Updater1.10
Dell ≫ Storage Manager Version2020 Updater1.2
Dell ≫ Storage Manager Version2020 Updater1.20
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.449 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security_alert@emc.com | 5.5 | 2.1 | 3.4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.