Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-36599

Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account.

Published

2025-07-09T19:15:24.207

Last Modified

2025-07-10T13:17:30.017

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-532

Affected Vendors & Products

References

https://www.dell.com/support/kbdoc/en-us/000342158/dsa-2025-279-security-update-for-dell-powerflex-manager-platform-pfmp-proprietary-code-vulnerability ([email protected])