CNNVD-202511-390 Information

CNNVD ID

CNNVD-202511-390

Related CVE

CVE-2025-46365

• CNNVD Published: 2025-11-05

Description (Chinese)

Dell CloudLink是美国戴尔（Dell）公司的一个数据加密和密钥管理系统。 Dell CloudLink 8.1.1之前版本存在命令注入漏洞，该漏洞源于身份验证的攻击者可利用命令注入漏洞，可能导致命令注入攻击。

Description (English)

Dell CloudLink is a data encryption and key management system for Dell Corporation in the United States. The previous version of Dell CloudLink 8.1.1 had an order-injecting loophole, which stemmed from the fact that the identity-identified assailant could use the order to inject a loophole, which could lead to an order-injecting attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

戴尔

Published

2025-11-05

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities