CVE-2025-27686 Information

Description

Dell Unisphere for PowerMax version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15 contain an Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability leading to Script injection.

Reference

https://www.dell.com/support/kbdoc/en-ao/000302223/dsa-2025-111-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-and-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities