Description
Dell Data Lakehouse, versions prior to 1.6.0.0, contain(s) an Improper Access Control vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. This vulnerability is considered Critical, as it may result in unauthorized access with elevated privileges, compromising system integrity and customer data. Dell recommends customers upgrade to the latest version at the earliest opportunity.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Attack Vector
- network
- Complexity
- low
- Privileges
- high
- User Action
- none
- Scope
- changed
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-284
Metadata
- Primary Vendor
- DELL
- Published
- 11/12/2025
- Last Modified
- 12/5/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
dell : data_lakehouse
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.