CVE-2025-43937_CVE-2025-43937

6.6 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

Description

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Basic Information

ID CVE-2025-43937

Source dell

Published Apr 16, 2026 at 18:03

Modified Apr 16, 2026 at 18:51

Affected Product

Vendor Dell

Product PowerScale OneFS

Version 9.5.0.0

Affected Versions Dell PowerScale OneFS 9.5.0.0
Dell PowerScale OneFS 0
Dell PowerScale OneFS 9.7.0.0
Dell PowerScale OneFS 9.5.0.0

CWE Classification

CWE-532

References

www.dell.com /support/kbdoc/en-us/000376214/dsa-2025-347-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities

{
    "lastseen": "",
    "description": "Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.",
    "published": "2026-04-16T18:03:08.750Z",
    "modified": "2026-04-16T18:51:41.562Z",
    "type": "cve",
    "title": "CVE-2025-43937",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000376214/dsa-2025-347-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities",
    "id": "CVE-2025-43937",
    "bulletinFamily": "",
    "cwe": [
        "CWE-532"
    ],
    "cvelist": null,
    "sourceData": "Dell PowerScale OneFS 9.5.0.0\nDell PowerScale OneFS 0\nDell PowerScale OneFS 9.7.0.0\nDell PowerScale OneFS 9.5.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.6,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PowerScale OneFS",
    "version": "9.5.0.0",
    "vendor": "Dell",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}