Description
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities
Scores
CVSS v3
7.5
EPSS
0.0013
EPSS Percentile
2.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-522
CWE-256
Status
published
Products (42)
dell/vxrail_d560_firmware
8.0.000 - 8.320
dell/vxrail_d560f_firmware
8.0.000 - 8.320
dell/vxrail_e460_firmware
8.0.000 - 8.320
dell/vxrail_e560_firmware
8.0.000 - 8.320
dell/vxrail_e560_vcf_firmware
8.0.000 - 8.320
dell/vxrail_e560f_firmware
8.0.000 - 8.320
dell/vxrail_e560f_vcf_firmware
8.0.000 - 8.320
dell/vxrail_e560n_firmware
8.0.000 - 8.320
dell/vxrail_e560n_vcf_firmware
8.0.000 - 8.320
dell/vxrail_e660_firmware
8.0.000 - 8.320
... and 32 more
Published
Jan 08, 2025
Tracked Since
Feb 18, 2026