CVE-2025-43995
Published: 24 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-43995 is an Improper Authentication vulnerability (CWE-287) affecting Dell Storage Manager version 20.1.21 within Dell Storage Center. The issue resides in the DSM Data Collector component, specifically APIs exposed by ApiProxy.war in DataCollectorEar.ear. It allows authentication bypass through the use of a special SessionKey and UserId associated with special users created in compellentservicesapi for particular purposes. The vulnerability has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity with high confidentiality, integrity, and availability impacts.
An unauthenticated attacker with remote network access can exploit this vulnerability by leveraging the special SessionKey and UserId to bypass authentication protections and gain unauthorized access to the exposed APIs. Successful exploitation leads to a protection mechanism bypass, potentially enabling full compromise of the affected system.
Dell's security advisory DSA-2025-393, detailed at https://www.dell.com/support/kbdoc/en-us/000382899/dsa-2025-393-security-update-for-storage-center-dell-storage-manager-vulnerabilities, provides information on the security update addressing this and related vulnerabilities in Dell Storage Manager.
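The bypass described above would show up in access logs as an internal service identity being presented to the ApiProxy APIs from a host other than the Data Collector itself. The following Python sketch is an added defender-side example, not code from Dell or from the advisory; the log line format, the `/ApiProxy/` context path, the service UserIds and the trusted networks are all assumed placeholders that must be replaced with the deployment's own values.

```python
"""Detection sketch for CVE-2025-43995-style misuse of internal service identities.
Assumed (not from the advisory): one access-log line per request in the constructed
format below; the site knows its own internal service UserIds and trusted source nets."""
import ipaddress
import re

LOG_RE = re.compile(  # constructed format, not Dell's real log layout
    r"^(?P<ts>\S+) src=(?P<src>\S+) path=(?P<path>\S+) userid=(?P<userid>\S+) status=(?P<status>\d+)$"
)
# Placeholder service identities; replace with the deployment's own inventory.
INTERNAL_SERVICE_USERIDS = {"svc-placeholder-1", "svc-placeholder-2"}
# Networks from which Data Collector internal calls legitimately originate (assumed).
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("10.0.0.0/8")]
# Assumed context path served by ApiProxy.war.
API_PROXY_PREFIX = "/ApiProxy/"

def is_trusted_source(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)

def find_service_identity_from_untrusted(lines):
    """Return (ts, src, userid, path) for ApiProxy requests that present an
    internal service UserId from outside the trusted networks, regardless of
    HTTP status: a bypassed check returns 200, which is exactly the case to catch."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or not m["path"].startswith(API_PROXY_PREFIX):
            continue
        if m["userid"] in INTERNAL_SERVICE_USERIDS and not is_trusted_source(m["src"]):
            findings.append((m["ts"], m["src"], m["userid"], m["path"]))
    return findings

# Constructed sample lines (RFC 5737 documentation addresses).
SAMPLE_LINES = [
    "2025-10-24T10:00:01Z src=127.0.0.1 path=/ApiProxy/v1/status userid=svc-placeholder-1 status=200",
    "2025-10-24T10:00:02Z src=203.0.113.7 path=/ApiProxy/v1/volumes userid=svc-placeholder-1 status=200",
    "2025-10-24T10:00:03Z src=203.0.113.7 path=/ApiProxy/v1/login userid=admin status=401",
    "2025-10-24T10:00:04Z src=198.51.100.9 path=/other/app userid=svc-placeholder-2 status=200",
]

if __name__ == "__main__":
    for ts, src, userid, path in find_service_identity_from_untrusted(SAMPLE_LINES):
        print(f"ALERT {ts}: {src} presented service identity {userid} to {path}")
```

Only the second sample line is reported: it is the one where a service identity reaches ApiProxy from a non-trusted address with a successful status.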
Details
CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CVE-2025-43995 enables unauthenticated remote exploitation of exposed APIs via authentication bypass, directly facilitating T1190: Exploit Public-Facing Application.