← volver
CVE-2025-46608

CVE-2025-46608

CVSS 9.1 CRITICALEPSS 0.4%CWE-284
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.1EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
12 nov 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Dell · Data Lakehouse

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.dell.com/support/kbdoc/en-us/000390529/dsa-2025-375-security-update-for-dell-data-lakehouse-multiple-vulnerabilities