Primary

Context

Dell Storage Center - Improper Restriction of XML External Entity Reference Vulnerability Allowing Information Disclosure and Tampering

Vulnerability

Patched

A vulnerability has been identified in Dell Storage Center - Dell Storage Manager version 20.1.20, related to improper restriction of XML external entity references. This vulnerability could be exploited by an unauthenticated attacker with adjacent network access, potentially leading to unauthorized information disclosure and tampering.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information and the ability to modify data within the application.

Remediation

Users are advised to update to version 2020 R1.21 or later. Instructions for downloading the update are available on the Dell Storage Center product support page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell Storage Center - Improper Restriction of XML External Entity Reference Vulnerability Allowing Information Disclosure and Tampering

Vulnerability

Impact

Remediation

Affected Products

Dell Storage Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating