CVE-2025-46699 MEDIUM

CVE-2025-46699

Vendor Dell
Product Data Protection Advisor
Weakness CWE-1336
Published January 23, 2026
Last update January 23, 2026

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Key dates

02Disclosure timeline

January 23, 2026 CVE published
January 23, 2026 Record updated

Related vulnerabilities

04Related CVE