cbcvebase.
CVE-2025-21120
published 2025-08-04

CVE-2025-21120: Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low…

PriorityP338medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.26%
17.8th percentile
Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

Affected

8 ranges
VendorProductVersion rangeFixed in
dellavamar
dellavamar
dellavamar
dellavamar
dellavamar
dellavamar
dellavamar_server>= 19.8 through 19.10 < 19.10 SP1 with CHF 338904 or later19.10 SP1 with CHF 338904 or later
dellavamar_virtual_edition>= 19.8 through 19.10 < 19.10 SP1 with CHF 338904 or later19.10 SP1 with CHF 338904 or later
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.