Platform
dell
Component
dell-storage-manager
Fixed in
2020 R1.21
CVE-2025-43995 describes an Improper Authentication vulnerability affecting Dell Storage Manager. This vulnerability allows an unauthenticated attacker with remote access to bypass protection mechanisms and potentially access sensitive APIs. The vulnerability impacts versions of Dell Storage Manager up to and including 2020 R1.21. A fix is available in version 2020 R1.21.
The Improper Authentication vulnerability in Dell Storage Manager allows an unauthenticated, remote attacker to bypass protection mechanisms. Specifically, they can exploit the vulnerability to access APIs exposed by ApiProxy.war within the DataCollectorEar.ear component. This access is achieved by crafting a special SessionKey and UserId, leveraging pre-configured users created for specific purposes within the componentservicesapi. Successful exploitation could lead to unauthorized data access, modification, or deletion, potentially compromising the integrity and confidentiality of stored data. The ability to bypass authentication significantly expands the attack surface, allowing attackers to gain deeper access to the storage system without proper credentials.
CVE-2025-43995 was published on 2025-10-24. Currently, there are no publicly available proof-of-concept exploits. The EPSS score is pending evaluation, but the CRITICAL CVSS score suggests a high probability of exploitation if the vulnerability is actively targeted. This vulnerability is not currently listed on the CISA KEV catalog.
Organizations utilizing Dell Storage Manager in environments with remote access enabled, particularly those running versions prior to 2020 R1.21, are at significant risk. Shared hosting environments where multiple tenants share the same storage infrastructure are also particularly vulnerable, as a compromised tenant could potentially exploit this vulnerability to access data belonging to other tenants.
• windows / supply-chain:
  Get-Process -Name DSMDataCollector | Select-Object ProcessId, CommandLine
• linux / server:
  ps aux | grep DSMDataCollector
• generic web:
  curl -I <dell_storage_manager_ip>/ApiProxy.war
Exploit Status
EPSS
0.13% (32nd percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-43995 is to upgrade Dell Storage Manager to version 2020 R1.21 or later, which contains the fix for this vulnerability. If immediate upgrade is not feasible, consider implementing network segmentation to restrict remote access to the DataCollectorEar.ear component. Review and restrict access to the componentservicesapi to limit the potential impact of successful exploitation. Monitor API access logs for unusual activity, focusing on requests with suspicious SessionKeys or UserIDs. While a WAF may not directly prevent this authentication bypass, it can be configured to detect and block suspicious API requests based on known patterns.
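The advisory's last interim control is to watch API access logs for requests carrying suspicious SessionKeys or UserIds. The script below is an added example of that check; it is not part of the advisory or of Dell's product. The log line shape, the `/ApiProxy/` context path, the `/ApiProxy/login` path, the `svc_componentservices` account name and the collector addresses are all assumptions made for the illustration; replace them with what the Data Collector actually writes. It flags two things the advisory calls out: a SessionKey that was never issued by a login seen in the log (a crafted key), and a pre-configured internal account used from an address other than the collector's own.

```python
"""Flag suspicious ApiProxy requests in an API access log (added example)."""
import re
from dataclasses import dataclass

# ASSUMED log line shape: "<ts> <src_ip> <METHOD> <path> user=<id> session=<key>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<path>\S+) "
    r"user=(?P<user>\S+) session=(?P<session>\S+)$"
)

API_PREFIX = "/ApiProxy/"          # ASSUMED context path of ApiProxy.war
LOGIN_PATH = "/ApiProxy/login"     # ASSUMED path on which sessions are issued
# ASSUMED: built-in accounts meant only for the collector's own components.
INTERNAL_ONLY_USERS = {"svc_componentservices"}
# ASSUMED: addresses those internal components legitimately call from.
COLLECTOR_ADDRESSES = {"127.0.0.1", "10.0.0.5"}


@dataclass
class Finding:
    line_no: int
    reason: str
    src: str
    user: str
    session: str


def parse(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def analyze(lines):
    """Return a Finding for every ApiProxy request that either carries a
    session key never issued by a login in this log, or uses an
    internal-only user from a non-collector address."""
    issued = set()      # session keys handed out by logins seen so far
    findings = []
    for n, line in enumerate(lines, 1):
        rec = parse(line)
        if rec is None or not rec["path"].startswith(API_PREFIX):
            continue
        if rec["path"] == LOGIN_PATH:
            issued.add(rec["session"])
            continue
        if rec["session"] not in issued:
            findings.append(Finding(n, "session key not issued by a login",
                                    rec["src"], rec["user"], rec["session"]))
        if rec["user"] in INTERNAL_ONLY_USERS and rec["src"] not in COLLECTOR_ADDRESSES:
            findings.append(Finding(n, "internal-only user from external address",
                                    rec["src"], rec["user"], rec["session"]))
    return findings


# Constructed sample log: lines 3 and 6 are the ones a defender should see.
SAMPLE_LOG = [
    "2025-10-25T10:00:01Z 10.0.0.5 POST /ApiProxy/login user=svc_componentservices session=S-aaaa",
    "2025-10-25T10:00:02Z 10.0.0.5 GET /ApiProxy/volumes user=svc_componentservices session=S-aaaa",
    "2025-10-25T10:00:03Z 203.0.113.7 GET /ApiProxy/volumes user=svc_componentservices session=S-forged",
    "2025-10-25T10:00:04Z 192.168.1.20 POST /ApiProxy/login user=admin session=S-bbbb",
    "2025-10-25T10:00:05Z 192.168.1.20 GET /ApiProxy/volumes user=admin session=S-bbbb",
    "2025-10-25T10:00:06Z 203.0.113.7 DELETE /ApiProxy/volumes/7 user=admin session=S-zzzz",
    "2025-10-25T10:00:07Z 203.0.113.7 GET /static/logo.png user=- session=-",
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.reason} (src={f.src} user={f.user} session={f.session})")
```

The "never issued" rule only works across a log window that contains the login that created the session; feed it the full retention window or seed `issued` from the previous window's logins, otherwise legitimate long-lived sessions will be reported after a log rotation.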
Update Dell Storage Manager to version 20.1.21 or later. This update fixes the improper authentication vulnerability and prevents unauthorized access to the APIs exposed by ApiProxy.war in DataCollectorEar.ear.
CVE-2025-43995 is a CRITICAL vulnerability in Dell Storage Manager versions ≤2020 R1.21 that allows unauthenticated attackers to bypass protection mechanisms and access sensitive APIs.
If you are running Dell Storage Manager version 2020 R1.21 or earlier, you are potentially affected by this vulnerability. Assess your environment and upgrade as soon as possible.
The recommended fix is to upgrade to version 2020 R1.21 or later. If upgrading is not immediately possible, implement network segmentation and restrict access to the DataCollectorEar.ear component.
Currently, there are no publicly known active exploits for CVE-2025-43995, but the CRITICAL severity warrants immediate attention and remediation.
Refer to the official Dell Security Advisory for detailed information and remediation steps: [https://www.dell.com/support/kbdoc/en-us/000242643/security-update-for-dell-storage-manager-authentication-bypass-vulnerability]