CVE-2025-43938_CVE-2025-43938

5 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N

Description

Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with privileges of the compromised account.

Basic Information

ID CVE-2025-43938

Source dell

Published Sep 10, 2025 at 16:03

Affected Product

Vendor Dell

Product PowerProtect Data Manager

Version N/A

Affected Versions Dell PowerProtect Data Manager N/A

CWE Classification

CWE-256

References

www.dell.com /support/kbdoc/en-us/000367456/dsa-2025-326-security-update-for-dell-powerprotect-data-manager-multiple-security-vulnerabilities

{
    "lastseen": "",
    "description": "Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with privileges of the compromised account.",
    "published": "2025-09-10T16:03:38.951Z",
    "modified": "2025-09-10T16:03:38.951Z",
    "type": "cve",
    "title": "CVE-2025-43938",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000367456/dsa-2025-326-security-update-for-dell-powerprotect-data-manager-multiple-security-vulnerabilities",
    "id": "CVE-2025-43938",
    "bulletinFamily": "",
    "cwe": [
        "CWE-256"
    ],
    "cvelist": null,
    "sourceData": "Dell PowerProtect Data Manager N/A",
    "sourceHref": "",
    "cvss": {
        "score": 5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PowerProtect Data Manager",
    "version": "N/A",
    "vendor": "Dell",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}