CVE-2025-46603

Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000397417/dsa-2025-387-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:cloudboost_virtual_appliance:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-12-05 19:15

Updated : 2026-01-16 21:18

NVD link : CVE-2025-46603

Mitre link : CVE-2025-46603

CVE.ORG link : CVE-2025-46603

JSON object : View

Products Affected

dell

cloudboost_virtual_appliance

CWE

CWE-307

Improper Restriction of Excessive Authentication Attempts

{"id": "CVE-2025-46603", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security_alert@emc.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-12-05T19:15:48.233", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000397417/dsa-2025-387-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities", "tags": ["Vendor Advisory"], "source": "security_alert@emc.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security_alert@emc.com", "description": [{"lang": "en", "value": "CWE-307"}]}], "descriptions": [{"lang": "en", "value": "Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access."}, {"lang": "es", "value": "Dell CloudBoost Virtual Appliance, versiones 19.13.0.0 y anteriores, contiene una vulnerabilidad de Restricci\u00f3n Inadecuada de Intentos Excesivos de Autenticaci\u00f3n. Un atacante no autenticado con acceso remoto podr\u00eda potencialmente explotar esta vulnerabilidad, lo que llevar\u00eda a un acceso no autorizado."}], "lastModified": "2026-01-16T21:18:14.583", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dell:cloudboost_virtual_appliance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBA69D9C-69D7-4516-B176-32E6C9D2B756", "versionEndExcluding": "19.13.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "security_alert@emc.com"}