CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27686

Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.4%

CVSS Severity

CVSS v3 Score 2.7

References

https://www.dell.com/support/kbdoc/en-ao/000302223/dsa-2025-111-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-and-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities

Products affected by CVE-2025-27686

Dell » Unisphere For Powermax » Version: Any

cpe:2.3:a:dell:unisphere_for_powermax:*
Dell » Unisphere For Powermax » Version: N/A

cpe:2.3:a:dell:unisphere_for_powermax:-
Dell » Unisphere For Powermax » Version: 9.2.1.6

cpe:2.3:a:dell:unisphere_for_powermax:9.2.1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27686

Products

Pricing

Contact Us