Improper Access Control Vulnerability in Dell PowerFlex Manager
CVE-2026-35066

7.1HIGH

Key Information:

Vendor: Dell
Status: Powerflex
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-35066?

Dell PowerFlex Manager contains an improper access control vulnerability that may allow a low privileged attacker with remote access to exploit the system. This could potentially lead to a denial of service, compromising system availability. It is crucial for users of PowerFlex Manager to apply patches and follow security best practices to mitigate the risk associated with this vulnerability.

Affected Version(s)

PowerFlex 0 < 5.1.0.1 or later

PowerFlex 0 < 4.5.5.2 or later

References

https://www.dell.com/support/kbdoc/en-us/000477538/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Apr 1, 2026

Credit

Dell would like to thank brocked200 for reporting this issue.

CVE-2026-35066 Data

JSON