CVE-2025-36593

Published: Jun 30, 2025Modified: Jan 14, 2026

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: security_alert@emc.com (Secondary)

Description

Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.

Affected (1)

Products: Dell: Openmanage Network Integration

1 product

Openmanage Network Integration

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dell Openmanage Network Integration	Before 3.8

Related CWEs

Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

References (1)

https://www.dell.com/support/kbdoc/en-us/000337238/dsa-2025-257-security-update-for-dell-openmanage-network-integration-omni-vulnerabilities

Source: security_alert@emc.com

Vendor Advisory

Timeline

No history available yet.