CVE-2025-22399 – Dell UCC Edge version 2.3.0 contains a blind Se... (How to Fix)

Q: What is the severity of CVE-2025-22399?

CVE-2025-22399 has a CVSS score of 7.9 (HIGH). Dell UCC Edge version 2.3.0 contains a blind Server-Side Request Forgery (SSRF) vulnerability in the Add Customer SFTP Server functionality. Unauthenticated attackers with local network access can exploit this to make the server send arbitrary HTTP requests to internal systems. This affects all deployments running the vulnerable version of Dell UCC Edge.

📋 TL;DR

Dell UCC Edge version 2.3.0 contains a blind Server-Side Request Forgery (SSRF) vulnerability in the Add Customer SFTP Server functionality. Unauthenticated attackers with local network access can exploit this to make the server send arbitrary HTTP requests to internal systems. This affects all deployments running the vulnerable version of Dell UCC Edge.

💻 Affected Systems

Products:

Dell UCC Edge

Versions: 2.3.0

Operating Systems: Not specified in advisory

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in default configuration of the Add Customer SFTP Server feature.

📦 What is this software?

Utility Configuration Collector Edge by Dell

View all CVEs affecting Utility Configuration Collector Edge →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could pivot to internal systems, access sensitive data, or perform internal reconnaissance leading to further compromise of the network.

🟠

Likely Case

Internal network scanning, information disclosure from internal services, or potential interaction with cloud metadata services.

🟢

If Mitigated

Limited impact due to network segmentation and proper access controls restricting the vulnerable component.

🌐 Internet-Facing: LOW (requires local access according to description)

🏢 Internal Only: HIGH (unauthenticated local attackers can exploit to pivot within internal network)

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Requires local network access but no authentication. Blind SSRF means attackers cannot directly see response data.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to version specified in DSA-2025-043

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000279299/dsa-2025-043-security-update-for-dell-ucc-edge-security-update-for-multiple-vulnerabilities

Restart Required: No

Instructions:

1. Review Dell advisory DSA-2025-043. 2. Download and apply the security update from Dell Support. 3. Verify the update was successful.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to Dell UCC Edge management interface to trusted administrative networks only.

Disable Unused Features

all

If Add Customer SFTP Server functionality is not required, disable it through the management interface.

🧯 If You Can't Patch

Implement strict network segmentation to isolate Dell UCC Edge from sensitive internal systems.
Deploy web application firewall (WAF) rules to detect and block SSRF patterns.

🔍 How to Verify

Check if Vulnerable:

Check Dell UCC Edge version via management interface. If version is 2.3.0, system is vulnerable.

Check Version:

Check via Dell UCC Edge web interface or administrative console (specific command depends on deployment method).

Verify Fix Applied:

After applying update, verify version is no longer 2.3.0 and matches patched version from advisory.

📡 Detection & Monitoring

Log Indicators:

Unusual outbound HTTP requests from Dell UCC Edge to internal IP addresses
Multiple failed authentication attempts or unusual access patterns to SFTP server configuration

Network Indicators:

HTTP requests from Dell UCC Edge to unexpected internal destinations
Traffic patterns suggesting internal network scanning

SIEM Query:

source="dell-ucc-edge" AND (http_request OR outbound_connection) AND dest_ip IN (internal_subnets)

📊 Metadata

CVE ID: CVE-2025-22399

CVSS v3 Score: 7.9 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L

CWE: CWE-918

EPSS Score: 0.05% exploit probability (15.1th percentile)

Published: February 11, 2025

Last Updated: December 6, 2025

🔗 References

https://www.dell.com/support/kbdoc/en-us/000279299/dsa-2025-043-security-update-for-dell-ucc-edge-security-update-for-multiple-vulnerabilities Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-22399, you might also want to check these: