CVE-2025-22397_CVE-2025-22397

6.7 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H

Description

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Basic Information

ID CVE-2025-22397

Source dell

Published Nov 6, 2025 at 18:46

Modified Nov 6, 2025 at 19:30

Affected Product

Vendor Dell

Product Integrated Dell Remote Access Controller 9 14G Versions

Version N/A

Affected Versions Dell Integrated Dell Remote Access Controller 9 14G Versions N/A
Dell Integrated Dell Remote Access Controller 9 15G and 16G versions 6.10.80.00
Dell Integrated Dell Remote Access Controller 10 17G version N/A

CWE Classification

CWE-22

References

www.dell.com /support/kbdoc/en-us/000384516/dsa-2025-376-security-update-for-dell-idrac9-and-idrac10-vulnerabilities

{
    "lastseen": "",
    "description": "Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.",
    "published": "2025-11-06T18:46:04.736Z",
    "modified": "2025-11-06T19:30:39.315Z",
    "type": "cve",
    "title": "CVE-2025-22397",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000384516/dsa-2025-376-security-update-for-dell-idrac9-and-idrac10-vulnerabilities",
    "id": "CVE-2025-22397",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Dell Integrated Dell Remote Access Controller 9 14G Versions N/A\nDell Integrated Dell Remote Access Controller 9 15G and 16G versions 6.10.80.00\nDell Integrated Dell Remote Access Controller 10 17G version N/A",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Integrated Dell Remote Access Controller 9 14G Versions",
    "version": "N/A",
    "vendor": "Dell",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}