Powerflex Manager CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Dell Subscriptions

Filtered by product Powerflex Manager Subscriptions

Search

Switch to Advanced Search (Beta)

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-37143	1 Dell	5 Data Lakehouse, Insightiq, Powerflex Appliance Intelligent Catalog and 2 more	2026-01-22	10 Critical
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Improper Link Resolution Before File Access vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-37144	1 Dell	5 Data Lakehouse, Insightiq, Powerflex Appliance Intelligent Catalog and 2 more	2026-01-22	8.2 High
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Insecure Storage of Sensitive Information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use information disclosed to gain unauthorized access to pods within the cluster.
CVE-2025-36599	1 Dell	1 Powerflex Manager	2026-01-16	4.3 Medium
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the system with privileges of the compromised account.

Page 1 of 1.