Dell PowerFlex Manager Missing Auth Critical Function CVE-2026-35065
CVE-2026-35065 Published on June 17, 2026

Dell PowerFlex Manager, version(s) [Versions], contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Affected Versions

Dell PowerFlex:

Before 5.1.0.1 or later is affected.
Before 4.5.5.2 or later is affected.

Dell PowerFlex Manager Missing Auth Critical Function CVE-2026-35065CVE-2026-35065 Published on June 17, 2026

Vulnerability Analysis

Weakness Type

Missing Authentication for Critical Function

Affected Versions

Dell PowerFlex Manager Missing Auth Critical Function CVE-2026-35065
CVE-2026-35065 Published on June 17, 2026