Improper XML External Entity Reference in Dell Unisphere for PowerMax
CVE-2026-54470

5.3MEDIUM

Key Information:

Vendor

Dell

Vendor
CVE Published:
10 July 2026

What is CVE-2026-54470?

Dell Unisphere for PowerMax versions 10.3.0.5 and earlier are affected by a vulnerability that allows a remote low-privileged attacker to exploit improper restrictions on XML external entity references. By leveraging this flaw, an attacker could gain unauthorized access to sensitive information. It is crucial for users to apply the latest security updates and stay informed about potential risks associated with this vulnerability to safeguard their systems.

Affected Version(s)

Unisphere for PowerMax 0 < 10.3.0.7 or later

Unisphere for PowerMax 0 < 10.3.1.1 Patch 11360 or later

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.