CVE-2025-22478: XEE
First published: Tue May 06 2025(Updated: )
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Storage Manager 2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-22478?
CVE-2025-22478 has been classified with a severity level that allows for potential information disclosure.
How do I fix CVE-2025-22478?
To fix CVE-2025-22478, update your Dell Storage Manager to the latest version provided by Dell.
Who is affected by CVE-2025-22478?
CVE-2025-22478 affects users of Dell Storage Manager, specifically versions 20.1.20.
Can CVE-2025-22478 be exploited remotely?
CVE-2025-22478 requires adjacent network access for exploitation, as it is not remotely accessible.
What type of vulnerability is CVE-2025-22478?
CVE-2025-22478 is classified as an Improper Restriction of XML External Entity Reference vulnerability.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/last-modified-date
- agent/source
- agent/tags
- agent/event
- vendor/dell
- canonical/dell storage manager 2016