CVE-2025-32748
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk7th percentile — higher than 7% of all known CVEs
Summary
Dell PowerFlex Manager versions prior to 5.1.0.1 contain a Host Header Injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to trigger redirections.
Risk Assessment
This vulnerability could lead to unauthorized redirections, posing a risk of fraud or data theft within the organization.
Recommendation
It is recommended to update Dell PowerFlex Manager to version 5.1.0.1 or later to mitigate this vulnerability.
Original NVD description (English source)
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Host Header Injection vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to trigger redirections.

