CNNVD-202511-393 Information

CNNVD ID

CNNVD-202511-393

Related CVE

CVE-2025-45379

• CNNVD Published: 2025-11-05

Description (Chinese)

Dell CloudLink是美国戴尔（Dell）公司的一个数据加密和密钥管理系统。 Dell CloudLink 8.2之前版本存在操作系统命令注入漏洞，该漏洞源于特权用户可通过控制台运行命令注入，可能导致获取系统shell访问权限。

Description (English)

Dell CloudLink is a data encryption and key management system for Dell Corporation in the United States. There was a loophole in operating system commands in the previous version of Dell CloudLink 8.2, which resulted from privileged users having access to the system shell through the console.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

戴尔

Published

2025-11-05

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-2025-374-security-update-for-dell-cloudlink-multiple-security-vulnerabilities