Improper Certificate Validation in Dell PowerFlex Manager
CVE-2024-47477

6.5MEDIUM

Key Information:

Vendor: Dell
Status: Powerflex Manager
Vendor: CVE Published:; 17 June 2026

What is CVE-2024-47477?

Dell PowerFlex Manager, in versions before 4.5.1.1, is susceptible to an improper certificate validation issue. This vulnerability may allow remote unauthenticated attackers to conduct man-in-the-middle attacks by exploiting DNS cache poisoning, potentially leading to unauthorized access and data interception. It is essential for users to implement the recommended updates to safeguard their systems and mitigate the risk of exploitation.

Affected Version(s)

PowerFlex Manager 0 < 5.1.0.1 or later

PowerFlex Manager 0 < 4.5.5.2 or later

References

https://www.dell.com/support/kbdoc/en-us/000477538/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Sep 25, 2024

CVE-2024-47477 Data

JSON