CVE-2025-38739

High CVSS 7.2

Overview

Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure.

CWE: CWE-522 Published: 2025-08-04T16:15:33.080

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.2 (HIGH)
Detected tags: info_leak, unauth_access (tag impact: HIGH)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.
Enforce authentication/authorization; reduce default endpoint exposure.

Overview

Recommended tools

Tags