CVE-2025-22478

Published May 6, 2025

Last updated a month ago

CVSS high 8.1

Overview

Description
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.
Source
security_alert@emc.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
8.1
Impact score
5.2
Exploitability score
2.8
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity
HIGH

Weaknesses

security_alert@emc.com
CWE-611

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-22478 🔴 HIGH (8.1) 🏢 Dell - Dell Storage Center - Dell Storage Manager 🏗️ N/A 🔗 https://t.co/iNC6ZKa42X #CyberCron #VulnAlert #InfoSec https://t.co/X3lOjRsouW

    @cybercronai

    7 May 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-22478 Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated … https://t.co/reWxYuhsA0

    @CVEnew

    6 May 2025

    296 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️Actualización de seguridad para Dell Storage Manager ❗CVE-2025–22477 ❗CVE-2025-22478 ➡️Más info: https://t.co/EWaSNoYZvK https://t.co/kZbTVMctEF

    @CERTpy

    6 May 2025

    76 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.