CVE-2025-22399
Published: 11 February 2025
Summary
CVE-2025-22399 is a high-severity SSRF (CWE-918) vulnerability in Dell Utility Configuration Collector Edge. Its CVSS base score is 7.9 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Network Service Discovery (T1046). The CVE is ranked at the 21.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-22399 is a Blind Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, in the Add Customer SFTP Server feature of Dell UCC Edge version 2.3.0. It carries a CVSS v3.1 base score of 7.9 (AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L) and was published on 2025-02-11T17:15:34.453.
An unauthenticated attacker with local access can exploit the flaw with low attack complexity and no user interaction. Successful exploitation results in server-side request forgery with high integrity impact and low availability impact; the scope is changed (S:C), and confidentiality is unaffected.
Dell's security advisory DSA-2025-043 addresses this vulnerability along with multiple others in Dell UCC Edge through a security update. Details are available at https://www.dell.com/support/kbdoc/en-us/000279299/dsa-2025-043-security-update-for-dell-ucc-edge-security-update-for-multiple-vulnerabilities.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-2774
Vulnerability details
Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery.
- CWE(s): CWE-918 (Server-Side Request Forgery)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A blind SSRF in a local-access feature lets an attacker make the server issue forged requests, enabling network service discovery (T1046) and remote system discovery (T1018) from the server's own network perspective.
Affected Assets: Dell UCC Edge 2.3.0
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly validates and sanitizes inputs to the Add Customer SFTP Server feature, preventing blind SSRF exploitation by rejecting forged server-side requests.
- SI-2 (Flaw Remediation): Ensures timely application of security updates such as Dell's DSA-2025-043, remediating the specific SSRF flaw in UCC Edge 2.3.0.
- SC-7 (Boundary Protection): Monitors and controls communications at system boundaries, blocking or detecting unauthorized server-side requests initiated via the SSRF vulnerability.
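The SI-10 control above is abstract; the following Python is an added example (not Dell's code and not from this page) of the kind of input validation a "customer SFTP server" host/port field needs before the application opens any outbound connection. The blocked address ranges, the `validate_sftp_target` function, and the choice to have the caller pass in already-resolved addresses (so the policy can be exercised offline) are assumptions of this example, not details of UCC Edge.

```python
"""Added example: allowlist-style validation of a user-supplied SFTP target.

The server must never reach back into itself, link-local/metadata ranges, or
private internal networks on a user's behalf. All names and ranges here are
assumptions for illustration, not Dell's implementation.
"""
import ipaddress
import re
import socket

# Hypothetical policy: ranges the application must never contact for a user.
BLOCKED_NETWORKS = [
    ipaddress.ip_network("0.0.0.0/8"),
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("100.64.0.0/10"),   # carrier-grade NAT
    ipaddress.ip_network("127.0.0.0/8"),     # loopback
    ipaddress.ip_network("169.254.0.0/16"),  # link-local / cloud metadata
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("::/128"),          # IPv6 unspecified
    ipaddress.ip_network("::1/128"),         # IPv6 loopback
    ipaddress.ip_network("fc00::/7"),        # IPv6 unique local
    ipaddress.ip_network("fe80::/10"),       # IPv6 link-local
]

# Plain DNS hostname only: no scheme, userinfo, path, brackets or whitespace.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$",
    re.IGNORECASE,
)


class SftpTargetRejected(ValueError):
    """Raised when a target fails the policy."""


def is_blocked_address(addr_text):
    """True if an IP literal falls in a blocked range (IPv4-mapped IPv6 unwrapped)."""
    addr = ipaddress.ip_address(addr_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:10.0.0.1 must be judged as 10.0.0.1
    return any(addr in net for net in BLOCKED_NETWORKS)


def validate_sftp_target(host, port, resolved_addresses):
    """Return (host, port, ip_to_connect) or raise SftpTargetRejected.

    resolved_addresses: the address strings the caller resolved `host` to
    (ignored when `host` is itself an IP literal). Every resolved address must
    be allowed; the caller should then connect to the returned IP literal
    rather than re-resolving the name, which closes the DNS-rebinding window.
    """
    host = host.strip()
    if not isinstance(port, int) or not 1 <= port <= 65535:
        raise SftpTargetRejected("port out of range")
    try:
        candidates = [str(ipaddress.ip_address(host))]
    except ValueError:
        if not HOSTNAME_RE.match(host):
            raise SftpTargetRejected("host is not a plain hostname or IP literal")
        candidates = list(resolved_addresses)
    if not candidates:
        raise SftpTargetRejected("host did not resolve to any address")
    for cand in candidates:
        try:
            blocked = is_blocked_address(cand)
        except ValueError:
            raise SftpTargetRejected(f"unparseable resolved address {cand!r}")
        if blocked:
            raise SftpTargetRejected(f"{host} resolves to disallowed address {cand}")
    return host, port, candidates[0]


def target_is_accepted(host, port, resolved_addresses):
    """Boolean wrapper around validate_sftp_target for quick policy checks."""
    try:
        validate_sftp_target(host, port, resolved_addresses)
        return True
    except SftpTargetRejected:
        return False


def resolve_host(host):
    """Live DNS helper for real use; not exercised offline in this example."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


if __name__ == "__main__":
    # Constructed sample inputs (TEST-NET-3 addresses; no real hosts).
    print(validate_sftp_target("sftp.example.com", 22, ["203.0.113.10"]))
    print(target_is_accepted("127.0.0.1", 22, []))          # False
    print(target_is_accepted("sftp://169.254.169.254", 22, []))  # False
```

Two design points worth noting: the check runs on the resolved addresses rather than only on the typed string, so odd spellings of a loopback address that a resolver would still accept are caught by the range check rather than by string matching, and the function returns the specific IP that passed so the connector uses it directly instead of resolving the name a second time.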