CVE-2025-46603

7.0 HIGH

📋 TL;DR

Dell CloudBoost Virtual Appliance versions 19.13.0.0 and earlier have a vulnerability that allows attackers to bypass authentication rate limiting. Unauthenticated remote attackers can brute-force credentials to gain unauthorized access to the appliance. This affects all deployments running vulnerable versions.

💻 Affected Systems

Products:
  • Dell CloudBoost Virtual Appliance
Versions: 19.13.0.0 and prior
Operating Systems: Virtual appliance
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable. Exploitation requires network access to the appliance.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the CloudBoost appliance, allowing attackers to access, modify, or delete backup data, potentially leading to data loss or ransomware deployment.

🟠 Likely Case

Unauthorized access to the appliance management interface, enabling configuration changes, data exfiltration, or lateral movement within the network.

🟢 If Mitigated

Failed authentication attempts logged but no successful access, with potential service disruption from excessive login attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only standard brute-force tools and network access to the appliance.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to version 19.14.0.0 or later

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000397417/dsa-2025-387-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities

Restart Required: Yes

Instructions:

1. Download the latest version from Dell support.
2. Backup current configuration.
3. Deploy the updated virtual appliance.
4. Restore configuration.
5. Verify functionality.

🔧 Temporary Workarounds

Network Segmentation

all

Restrict network access to the CloudBoost appliance to only trusted management networks.

Strong Password Policy

all

Enforce complex, long passwords to reduce brute-force success probability.

🧯 If You Can't Patch

  • Implement network ACLs to limit source IP addresses that can access the appliance
  • Deploy an intrusion prevention system (IPS) to detect and block brute-force attempts

🔍 How to Verify

Check if Vulnerable:

Check the appliance version in the web interface under Settings > About or via SSH: cat /etc/cloudboost/version

Check Version:

cat /etc/cloudboost/version

Verify Fix Applied:

Confirm version is 19.14.0.0 or later and test authentication rate limiting with failed login attempts

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts from single IP
  • Successful login after many failures

Network Indicators:

  • High volume of HTTP POST requests to login endpoints
  • Traffic patterns consistent with brute-force tools

SIEM Query:

source="cloudboost" AND (event_type="auth_failure" AND count > 10 within 5m)
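
The two log indicators and the threshold in the SIEM query above (more than 10 failures within 5 minutes), written out as a sliding-window detector. This is an added example, not code from the advisory or from Dell. The record layout (timestamp, event type, source IP) and the `auth_success` event name are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # "within 5m" in the SIEM query
THRESHOLD = 10                  # "count > 10" in the SIEM query

def parse_line(line):
    """Parse an assumed 'ISO-timestamp event_type src_ip' record."""
    ts, event_type, src_ip = line.split()
    return datetime.fromisoformat(ts), event_type, src_ip

def detect(lines):
    """Return alerts as (kind, src_ip, timestamp, failures_in_window) tuples."""
    failures = defaultdict(deque)   # src_ip -> timestamps of recent failures
    bursting = set()                # IPs already alerted for the current burst
    alerts = []
    for ts, event_type, src_ip in sorted(parse_line(l) for l in lines if l.strip()):
        recent = failures[src_ip]
        # Drop failures that have aged out of the sliding window.
        while recent and ts - recent[0] > WINDOW:
            recent.popleft()
        if not recent:
            bursting.discard(src_ip)
        if event_type == "auth_failure":
            recent.append(ts)
            # Indicator 1: many failed attempts from a single IP (alert once per burst).
            if len(recent) > THRESHOLD and src_ip not in bursting:
                bursting.add(src_ip)
                alerts.append(("brute_force", src_ip, ts.isoformat(), len(recent)))
        elif event_type == "auth_success":
            # Indicator 2: a successful login that follows many failures.
            if len(recent) > THRESHOLD:
                alerts.append(("success_after_failures", src_ip, ts.isoformat(), len(recent)))
            recent.clear()
            bursting.discard(src_ip)
    return alerts

def sample_log():
    """Constructed sample records; not real CloudBoost log output."""
    base = datetime(2025, 1, 1, 10, 0, 0)
    lines = [f"{(base + timedelta(seconds=10 * i)).isoformat()} auth_failure 203.0.113.7"
             for i in range(12)]
    lines.append(f"{(base + timedelta(seconds=125)).isoformat()} auth_success 203.0.113.7")
    lines += ["2025-01-01T10:00:30 auth_failure 198.51.100.4",   # ordinary mistyped password
              "2025-01-01T10:01:10 auth_failure 198.51.100.4",
              "2025-01-01T10:01:40 auth_success 198.51.100.4"]
    return lines

if __name__ == "__main__":
    print(*detect(sample_log()), sep="\n")
```

The `success_after_failures` alert is the one to triage first, since it indicates a credential may already have been guessed.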
