CVE-2025-23379

Published May 6, 2025

Last updated 2 months ago

CVSS low 3.5

Overview

Description: Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Script injection.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.2
Impact score: 2.7
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

Weaknesses

security_alert@emc.com: CWE-79

Hype score: Not currently trending

CVE-2025-23379 Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vul… https://t.co/OqujaPGiM9
@CVEnew
6 May 2025
325 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dell:storage_manager:16.3.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B35D3F3-363D-42AF-A582-FFA03154B20A"
          },
          {
            "criteria": "cpe:2.3:a:dell:storage_manager:2016:r2.1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43A8A705-CD7C-4AE8-9175-923BCE7BB6F1"
          },
          {
            "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "567442CC-381B-43A1-ADE9-AE00075021D4"
          },
          {
            "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1.10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B978EFB1-877F-4091-A401-F1861229E033"
          },
          {
            "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1.2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "263E78BD-D8C0-480F-9EED-D5496708CFCD"
          },
          {
            "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1.20:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1055DB85-9105-44E5-9CEB-509C7F7041FE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References