CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-43995

Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM Data Collector. An unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear by using a special SessionKey and UserId. These userid are special users created in compellentservicesapi for special purposes.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.6%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.dell.com/support/kbdoc/en-us/000382899/dsa-2025-393-security-update-for-storage-center-dell-storage-manager-vulnerabilities

Products affected by CVE-2025-43995

Dell » Storage Manager » Version: 16.3.20

cpe:2.3:a:dell:storage_manager:16.3.20
Dell » Storage Manager » Version: 2016

cpe:2.3:a:dell:storage_manager:2016
Dell » Storage Manager » Version: 2020

cpe:2.3:a:dell:storage_manager:2020

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-43995

Products

Pricing

Contact Us