CVE-2026-32804

HIGH

Dell PowerFlex - Improper Authentication

Title source: rule
STIX 2.1

Description

Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Unauthorized access.

Scores

CVSS v3 8.1
EPSS 0.0022
EPSS Percentile 11.9%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-287
Status published
Products (3)
Dell/PowerFlex < 4.5.5.2 or later
Dell/PowerFlex < 5.1.0.1 or later
dell/powerflex_manager < 4.5.5.2
Published Jun 17, 2026
Tracked Since Jun 17, 2026