CVE-2025-43937

Published: Apr 16, 2026 Last Modified: Apr 16, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,6

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: low

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: none

Availability: high

Description

AI Translation Available

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

532

Insertion of Sensitive Information into Log File

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality

Potential Impacts:

Read Application Data

Applicable Platforms

All platforms may be affected

Likelihood of Exploit: Medium

View CWE Details

https://www.dell.com/support/kbdoc/en-us/000376214/dsa-2025…

https://www.dell.com/support/kbdoc/en-us/000376214/dsa-2025-347-security-update…

CVE-2025-43937

Description

Insertion of Sensitive Information into Log File

Common Consequences

Applicable Platforms

Iscriviti alla newsletter