SQL Injection Vulnerability in Dell PowerFlex Manager
CVE-2026-56690

8.5HIGH

Key Information:

Vendor

Dell

Vendor
CVE Published:
10 July 2026

What is CVE-2026-56690?

Dell PowerFlex Manager versions prior to 5.1.0.1 are vulnerable to an SQL Injection attack due to improper neutralization of special elements in SQL commands. This flaw can be exploited by low-privileged attackers with remote access to gain unauthorized access, potentially leading to information disclosure and exposure. Organizations using affected versions should prioritize updating their software to mitigate this vulnerability.

Affected Version(s)

PowerFlex Manager 0 < 5.1.0.1 or later

PowerFlex Manager 0 < 4.5.5.2 or later

References

CVSS V3.1

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.