CVE-2025-10847

CWE-284Improper Access Control3 documents3 sources
Severity
8.4HIGH
EPSS
0.2%
top 62.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom Unified Infrastructure Management
Timeline
PublishedOct 1

Description

DX Unified Infrastructure Management (Nimsoft/UIM) and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:N/SA:L/S:N

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-rqx4-2q9h-8rv8: DX Unified Infrastructure Management (Nimsoft/UIM) and below contains an improper ACL handling vulnerability in the robot (controller) component2025-10-01
CVEList
DX UIM Probe Improper ACL Handling RCE2025-10-01
CVE-2025-10847 (HIGH CVSS 8.4) | DX Unified Infrastructure Managemen | cvebase.io