Primary

Context

Dell XtremIO Insertion of Sensitive Information into Log File Vulnerability

Vulnerability

Patched

A vulnerability allowing the insertion of sensitive information into log files has been identified in Dell XtremIO versions 6.4.0-22. This issue could be exploited by a low-privileged attacker with local access, potentially leading to unauthorized information exposure. The exposed credentials might be used to access the vulnerable application with the privileges of the compromised account.

Impact

Exploitation of this vulnerability could result in unauthorized access to the application, using the privileges of the compromised account.

Remediation

Users are advised to upgrade to version 6.4.3 or later. For Dell XtremIO X2 TechAdvisor users, version 3.4 is recommended. Contact Dell customer support for the upgrade.

Added: Jul 30, 2025, 6:22 PM

Updated: Jul 30, 2025, 6:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

3.5

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

3.5

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell XtremIO Insertion of Sensitive Information into Log File Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dell XtremIO X2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating