CVE-2025-26332
HIGHDell TechAdvisor 2.6-3.37-30 - Insertion of Sensitive Information into Log File
Title source: llmDescription
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://www.dell.com/support/kbdoc/en-us/000337241/dsa-2025-108-security-update-for-dell-emc-xtremio-x2
Scores
CVSS v3
8.8
EPSS
0.0013
EPSS Percentile
2.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-532
Status
published
Products (2)
dell/techadvisor
2.6 - 3.4
dell/xtremio_management_server
< 6.4.3
Published
Jul 30, 2025
Tracked Since
Feb 18, 2026