Plaintext Password Storage Vulnerability in Dell VxRail
CVE-2025-21111

4.4MEDIUM

Key Information:

Vendor: Dell
Status: Vxrail D560 Firmware
Vendor: CVE Published:; 8 January 2025

Summary

Versions 8.0.000 through 8.0.311 of Dell VxRail are susceptible to a vulnerability that allows a high-privileged attacker with local access to exploit plaintext storage of passwords. This flaw can lead to significant information exposure, compromising sensitive credentials stored inadequately within the system's architecture. System administrators should ensure timely updates and apply recommended security patches to mitigate potential risks associated with this vulnerability.

References

https://www.dell.com/support/kbdoc/en-us/000269958/dsa-20...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 8, 2025