Use of Hard-coded Credentials in Dell PowerStore
CVE-2025-36572

6.5MEDIUM

Key Information:

Vendor

Dell

Vendor
CVE Published:
28 May 2025

What is CVE-2025-36572?

The Dell PowerStore product line has been identified to contain a vulnerability related to hard-coded credentials within its image file. This issue allows a low-privileged attacker, equipped with remote access and knowledge of the hard-coded credentials, to exploit this flaw. If successfully exploited, the attacker could gain unauthorized access to the system, utilizing the privileges associated with the compromised account. This vulnerability highlights the importance of addressing hard-coded credentials in systems to mitigate potential security risks.

Affected Version(s)

PowerStore < 4.0.1.3-2494147

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-36572 : Use of Hard-coded Credentials in Dell PowerStore