CVE Catalog

CVE-2025-32748

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile — higher than 7% of all known CVEs

Summary

Dell PowerFlex Manager versions prior to 5.1.0.1 contain a Host Header Injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to trigger redirections.

Risk Assessment

This vulnerability could lead to unauthorized redirections, posing a risk of fraud or data theft within the organization.

Recommendation

It is recommended to update Dell PowerFlex Manager to version 5.1.0.1 or later to mitigate this vulnerability.

Original NVD description (English source)

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Host Header Injection vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to trigger redirections.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS