CVE-2026-35065
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk25th percentile — higher than 25% of all known CVEs
Summary
Dell PowerFlex Manager versions prior to 5.1.0.1 contain a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.
Risk Assessment
This vulnerability poses a significant risk to organizations, allowing attackers to gain control over the system and access sensitive data. Potential impacts include service disruption and information theft.
Recommendation
It is recommended to update Dell PowerFlex Manager to version 5.1.0.1 or later to mitigate this vulnerability. Additionally, implementing appropriate security measures to restrict access to critical system functions is advisable.
Original NVD description (English source)
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.

