CVE Catalog

CVE-2026-35065

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

25th percentile — higher than 25% of all known CVEs

Summary

Dell PowerFlex Manager versions prior to 5.1.0.1 contain a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.

Risk Assessment

This vulnerability poses a significant risk to organizations, allowing attackers to gain control over the system and access sensitive data. Potential impacts include service disruption and information theft.

Recommendation

It is recommended to update Dell PowerFlex Manager to version 5.1.0.1 or later to mitigate this vulnerability. Additionally, implementing appropriate security measures to restrict access to critical system functions is advisable.

Original NVD description (English source)

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS