What is the CVSS score of CVE-2025-36593?

CVE-2025-36593 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Openmanage Network Integration are affected by CVE-2025-36593?

Dell OpenManage Network Integration versions before 3.8 contain an authentication bypass vulnerability affecting RADIUS protocol handling that could allow attackers with local network access to forge…. A patch is available.

How to fix or mitigate CVE-2025-36593?

Within 24 hours: identify all Dell OpenManage Network Integration instances and document current versions. Within 7 days: upgrade all instances to version 3.8 or later per Dell vendor advisory. Within 30 days: conduct access logs review for any suspicious RADIUS authentication patterns and validate network segmentation controls restricting local network access to management systems.

Openmanage Network Integration CVE-2025-36593

EUVD-2025-19568 HIGH

Authentication Bypass by Capture-replay (CWE-294)

2025-06-30 security_alert@emc.com

Authentication Bypass Dell Openmanage Network Integration

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 06:35 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

3.8

EUVD ID Assigned

Mar 16, 2026 - 01:25 euvd

EUVD-2025-19568

Analysis Generated

Mar 16, 2026 - 01:25 vuln.today

CVE Published

Jun 30, 2025 - 19:15 nvd

HIGH 8.8

DescriptionNVD

Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.

Analysis

Technical ContextAI

An authentication bypass vulnerability allows attackers to circumvent login mechanisms and gain unauthorized access without valid credentials.

RemediationAI

Implement robust authentication mechanisms. Use multi-factor authentication. Review authentication logic for bypass conditions. Remove default credentials.

More from same product – last 7 days

CVE-2025-26483 MEDIUM This Month

6.1 May 22

Open redirect vulnerability in Dell PowerFlex Manager 4.6.2 and prior enables unauthenticated remote attackers to craft

CVE-2025-32751 MEDIUM This Month

5.5 May 22

Dell PowerFlex Manager versions 4.6.2 and earlier improperly store sensitive information in a manner accessible to low-p

CVE-2025-32747 MEDIUM This Month

5.3 May 22

Incorrect Privilege Assignment in Dell PowerFlex Manager version 4.6.2 and earlier (both Appliance and Rack form factors

CVE-2025-32749 MEDIUM This Month

5.3 May 22

Directory listing exposure in Dell PowerFlex Manager versions 4.6.2 and earlier allows an attacker to enumerate director

CVE-2025-32745 MEDIUM This Month

4.2 May 22

Improper certificate validation in Dell PowerFlex Manager version 4.6.2 and earlier allows an unauthenticated attacker o

CVE-2025-36593 vulnerability details – vuln.today

Back

Openmanage Network Integration CVE-2025-36593

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code