CNNVD-202507-2675 Information

Jul 21, 2025 cve

CNNVD ID

CNNVD-202507-2675

CVE-2025-36603

CNNVD Published: 2025-07-21

Description (Chinese)

Dell AppSync是美国戴尔（Dell）公司的一个数据复制管理应用。 Dell AppSync 4.6.0.0版本存在代码问题漏洞，该漏洞源于对XML外部实体引用的限制不当，可能导致信息泄露和篡改。

Description (English)

Dell AppSync is a data reproduction management application for Dell in the United States. Dell AppSync 4.6.0.0 has a code loophole, which stems from inappropriate restrictions on references to external XML entities and may lead to information leaks and tampering.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

戴尔

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities

Share on: