CVE Daily

CVE-2025-21120

Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10S...

High CVSS 8.3

Overview

Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

CWE: CWE-650 Published: 2025-08-04T19:15:30.210
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.3 (HIGH)
  • Detected tags: info_leak (tag impact: LOW)

Recommended actions:

  • Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Recommended tools

Tags