CVE-2025-43995
Published: 2025-10-24
Priority: P270 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.82% (52.7th percentile)
Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass. Authentication Bypass in DSM Data Collector: an unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear by using a special SessionKey and UserId. These user IDs belong to special users created in compellentservicesapi for special purposes.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | dell_storage_manager | >= N/A < 2020 R1.21 | 2020 R1.21 |
| dell | storage_manager | < 2020 | 2020 |
| dell | storage_manager | — | — |
Detection & IOCs (extracted from sources)
- The hardcoded special user IDs (masterUser=434223, rmsUser=434224, smisUser=434225) and the persistent SessionKey=1 are fixed values in Dell Storage Manager version 20.1.21; these are not dynamically assigned and will be consistent across all vulnerable deployments.
- The vulnerability affects Dell Storage Manager version 20.1.21 specifically; the fix is available in version 2020 R1.22 or later. Detection rules should be scoped to hosts running the vulnerable version.
No detection rules found.
No public exploits indexed.