Information Exposure Vulnerability in Dell XtremIO
CVE-2025-30105

8.8HIGH

Key Information:

Vendor: Dell
Status: Xtremio
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-30105?

Dell XtremIO version 6.4.0-22 is vulnerable to a significant information exposure issue due to the insertion of sensitive data into log files. This vulnerability can be exploited by low-privileged attackers who have local access to the system. By leveraging this flaw, attackers might gain access to sensitive credentials stored within the logs, enabling them to potentially manipulate the application with the permissions of the compromised account. Organizations using this version should promptly update their systems to mitigate the risk associated with this vulnerability.

Affected Version(s)

XtremIO NA < 6.4.3

References

https://www.dell.com/support/kbdoc/en-us/000337241/dsa-20...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025