CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36589

Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources outside of the intended sphere of control.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.7%

CVSS Severity

CVSS v3 Score 7.6

References

https://www.dell.com/support/kbdoc/en-us/000402262/dsa-2025-425-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities

Products affected by CVE-2025-36589

Dell » Unisphere For Powermax » Version: 9.2.4.18

cpe:2.3:a:dell:unisphere_for_powermax:9.2.4.18
Dell » Unisphere For Powermax Virtual Appliance » Version: Any

cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36589

Products

Pricing

Contact Us