Cyber Resilience

CVE-2025-22399

High

Published: 11 February 2025

Published
11 February 2025
Modified
06 December 2025
KEV Added
Patch
CVSS Score v3.1 7.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
EPSS Score 0.0007 21.2th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-22399 is a high-severity SSRF (CWE-918) vulnerability in Dell Utility Configuration Collector Edge. Its CVSS base score is 7.9 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Network Service Discovery (T1046); ranked at the 21.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-22399 is a Blind Server-Side Request Forgery (SSRF) vulnerability, classified under CWE-918, affecting the Add Customer SFTP Server feature in Dell UCC Edge version 2.3.0. It enables server-side request forgery and carries a CVSS v3.1 base score of 7.9 (AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L). The vulnerability was published on 2025-02-11T17:15:34.453.

An unauthenticated attacker with local access can exploit this vulnerability with low attack complexity and no user interaction. Exploitation leads to server-side request forgery, resulting in high integrity impact, low availability impact, and a high scope change, while confidentiality remains unaffected.

Dell's security advisory DSA-2025-043 addresses this vulnerability along with multiple others in Dell UCC Edge through a security update. Details are available at https://www.dell.com/support/kbdoc/en-us/000279299/dsa-2025-043-security-update-for-dell-ucc-edge-security-update-for-multiple-vulnerabilities.

EU & UK References

Vulnerability details

Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1046 Network Service Discovery Discovery
Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.
T1018 Remote System Discovery Discovery
Adversaries may attempt to get a listing of other systems by IP address, hostname, or other logical identifier on a network that may be used for Lateral Movement from the current system.
Why these techniques?

Blind SSRF in local-access feature enables forged server requests for internal network service discovery (T1046) and remote system discovery (T1018) from the server's network perspective.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-35459Shared CWE-918
CVE-2026-3052Shared CWE-918
CVE-2026-4200Shared CWE-918
CVE-2024-13923Shared CWE-918
CVE-2026-40348Shared CWE-918
CVE-2026-33399Shared CWE-918
CVE-2026-5936Shared CWE-918
CVE-2025-1833Shared CWE-918
CVE-2025-0474Shared CWE-918
CVE-2026-33321Shared CWE-918

Affected Assets

dell
utility configuration collector edge
2.3.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly validates and sanitizes inputs to the Add Customer SFTP Server feature, preventing blind SSRF exploitation by rejecting forged server-side requests.

prevent

Ensures timely application of security updates like Dell's DSA-2025-043, remediating the specific SSRF flaw in UCC Edge 2.3.0.

preventdetect

Monitors and controls communications at system boundaries, blocking or detecting unauthorized server-side requests initiated via the SSRF vulnerability.

References