SQL Injection Vulnerability in Dell PowerFlex Manager
CVE-2026-56689

7.7HIGH

Key Information:

Vendor

Dell

Vendor
CVE Published:
10 July 2026

What is CVE-2026-56689?

Dell PowerFlex Manager, before version 5.1.0.1, has a vulnerability that stems from improper neutralization of special elements in SQL commands. This SQL injection flaw allows a low-privileged remote attacker to potentially exploit the system, resulting in the exposure of sensitive information. It is crucial for users to update their software to safeguard against potential attacks that could exploit this vulnerability.

Affected Version(s)

PowerFlex Manager 0 < 5.1.0.1 or later

PowerFlex Manager 0 < 4.5.5.2 or later

References

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.