HIGH✓ PATCH🇬🇧 English

CVE-2026-35065

CVSS 8.8v3.1pub. 2026-06-17upd. 2026-06-25

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dell Powerflex Manager

    APP
    Dell
    < 4.5.5.24.6.0 – 5.1.0.1 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCEAuth BypassDoS
CWE
Referencje

Powiązane podatności

CVE-2024-37143CRITICAL10.0PL ✓ten sam produkt

Krytyczna podatność RCE w produktach Dell PowerFlex, InsightIQ i Data Lakehouse

CVE-2026-32804HIGH8.1ten sam produkt

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An u...

CVE-2026-35066HIGH7.1ten sam produkt

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Access Control vulnerability. A lo...

CVE-2026-22283HIGH7.5ten sam produkt

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Inclusion of Functionality from Untrusted C...

CVE-2026-49502HIGH7.4ten sam produkt

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An u...