CVE-2025-32753 MEDIUM

CVE-2025-32753

Vendor Dell
Product PowerScale OneFS
Weakness CWE-89 · SQLi
Published June 20, 2025
Last update June 20, 2025

CVSS base score

5.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, information disclosure, and information tampering.

Key dates

02Disclosure timeline

June 20, 2025 CVE published
June 20, 2025 Record updated