CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36588

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.5%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.dell.com/support/kbdoc/en-us/000402262/dsa-2025-425-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities

Products affected by CVE-2025-36588

Dell » Unisphere For Powermax » Version: N/A

cpe:2.3:a:dell:unisphere_for_powermax:-
Dell » Unisphere For Powermax » Version: 9.2.1.6

cpe:2.3:a:dell:unisphere_for_powermax:9.2.1.6
Dell » Unisphere For Powermax Virtual Appliance » Version: N/A

cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:-
Dell » Unisphere For Powermax Virtual Appliance » Version: 9.2.3.22

cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:9.2.3.22

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36588

Products

Pricing

Contact Us