CVE-2025-22478HIGH 8.1EPSS p14.1%

CVE-2025-22478CVE-2025-22478

Description

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS0.24% probability of exploitation · percentile 14.1% · 2026-06-18T12:00:27Z
Published2025-05-06
Last modified2025-05-13

Underlying weaknesses· 1

CWE-611

References

  1. https://www.dell.com/support/kbdoc/en-us/000317318/dsa-2025-191-security-update-for-storage-center-dell-storage-manager-vulnerabilities

1

TypeTargetConfidenceTier
WeaknessImproper Restriction of XML External Entity Referencecwe-6110%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-22477
CVE
CVE-2025-22476
CVE
CVE-2025-26477
CVE
CVE-2026-8045
CVE
CVE-2025-32750
CVE
CVE-2025-7766
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.