PT-2026-3949 · Dell · Unisphere For Powermax
Published
2026-01-15
·
Updated
2026-02-26
·
CVE-2025-36588
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Dell Unisphere for PowerMax versions 10.2.0.x
Description
Dell Unisphere for PowerMax versions 10.2.0.x contain an Improper Neutralization of Special Elements used in an SQL Command vulnerability, also known as 'SQL Injection'. A low privileged attacker with remote access could potentially exploit this issue, leading to Command execution.
Recommendations
Upgrade Dell Unisphere for PowerMax to a newer version to address this vulnerability.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unisphere For Powermax