CVE-2025-30105

high

Description

Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

References

https://www.dell.com/support/kbdoc/en-us/000337241/dsa-2025-108-security-update-for-dell-emc-xtremio-x2

Details

Source: Mitre, NVD

Published: 2025-07-30

Updated: 2025-07-31

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00013