CVE-2025-26483
MEDIUMDell PowerFlex Manager (Appliance) - URL Redirection to Untrusted Site ('Open Redirect')
Title source: ruleDescription
Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
References (2)
Core 2
Core References
Scores
CVSS v3
6.1
EPSS
0.0017
EPSS Percentile
6.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-601
Status
published
Products (8)
Dell/PowerFlex Manager
< 4.6.2
Dell/PowerFlex Manager (Appliance)
< IC 48.378.00
Dell/PowerFlex Manager (Appliance)
< IC 48.383.00
Dell/PowerFlex Manager (Rack)
< 3.7.8.0
Dell/PowerFlex Manager (Rack)
< 3.8.3.0
dell/powerflex_appliance_intelligent_catalog
< 48.383.00
dell/powerflex_manager
< 4.6.2
dell/powerflex_rack
< 3.7.8.0
Published
May 22, 2026
Tracked Since
May 22, 2026