Dell PowerFlex Manager Directory Listing Information Disclosure

CVE-2025-32750 affects Dell PowerFlex Manager versions 4.6.2 and earlier, exposing a critical information disclosure vulnerability through directory listing exposure (CWE-548). An unauthenticated attacker with remote network access can enumerate directory structures and retrieve sensitive file information without authentication, potentially revealing configuration files, credentials, API endpoints, or other system metadata. This vulnerability is particularly concerning because PowerFlex Manager is a centralized management platform for Dell's software-defined storage infrastructure, making it a high-value target for reconnaissance activities in enterprise environments. Organizations running affected versions face immediate risk of information exposure that could be chained with other vulnerabilities for lateral movement or privilege escalation.

While CVE-2025-32750 is not currently mapped to specific MITRE ATT&CK techniques, Casky's extended reasoning engine would detect attack patterns consistent with Discovery and Reconnaissance phases—specifically techniques like T1526 (Cloud Service Discovery), T1518 (Software Enumeration), and T1580 (Cloud Infrastructure Discovery). A practitioner using Casky would observe findings related to unauthenticated HTTP enumeration, directory traversal attempts, and responses revealing file structures or metadata. The platform's 754 mapped security skills would correlate suspicious patterns such as repeated directory listing requests, successful information retrieval without credentials, and baseline deviations in remote access logs. Immediate detection would focus on network indicators showing directory enumeration against PowerFlex Manager endpoints and the absence of required authentication tokens in successful information-gathering requests.