CVE Details
Basic Information
| Title | CVE-2025-21120 |
|---|---|
| Type | cve |
| Published | 2025-08-04T18:33:07.220Z |
| Modified | 2025-08-04T19:16:56.486Z |
Product Information
| Vendor | Dell |
|---|---|
| Product | Avamar Data Store Gen4T |
| Version | 19.12 |
CVSS Information
| Base Score | 8.3 (HIGH) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
Affected Products
- Dell Avamar Data Store Gen4T 19.12
- Dell Avamar Data Store Gen4T 19.10, 19.10-SP1, 19.7, 19.8, 19.9 and 19.4
- Dell Avamar Data Store Gen5A 19.12
- Dell Avamar Data Store Gen5A 19.10, 19.10-SP1, 19.7, 19.8, 19.9 and 19.4
- Dell Avamar Virtual Edition for VMware ESXi and vSphere 19.12
- Dell Avamar Virtual Edition for VMware ESXi and vSphere 19.10, 19.10-SP1, 19.7, 19.8, 19.9 and 19.4
- Dell Avamar Virtual Edition for VMware vSphere only 19.12
- Dell Avamar Virtual Edition for VMware vSphere only 19.10, 19.10-SP1, 19.7, 19.8, 19.9 and 19.4
Additional Information
| CWE List | CWE-650 |
|---|---|
| Source | dell |
Description
Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.