CVE-2025-43937Log File Information Exposure in Dell Powerscale Onefs

CWE-532Log File Information Exposure3 documents3 sources
Severity
6.6MEDIUMNVD
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Powerscale Onefs
Timeline
PublishedApr 16

Description

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:HExploitability: 1.3 | Impact: 5.2

Affected Packages1 packages

CVEListV5dell/powerscale_onefs9.5.0.09.10.1.3+3

🔴Vulnerability Details

2
VulDB
Dell PowerScale OneFS up to 9.12.0.0 log file (dsa-2025-347)2026-04-16
CVEList
CVE-2025-43937: Dell PowerScale OneFS, versions prior to 92026-04-16
CVE-2025-43937 — Log File Information Exposure in Dell | cvebase