PT-2026-42771 · Dell · Powerflex Rack+2
Published
2026-04-24
·
Updated
2026-05-22
·
CVE-2025-46371
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Dell PowerFlex Manager versions prior to 4.6.2
Dell PowerFlex Appliance (affected versions not specified)
Dell PowerFlex Rack (affected versions not specified)
Description
Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack utilize cryptographic algorithms that contain defects. In Dell PowerFlex Manager, this issue exists within the ssh component. A low privileged attacker with local access could exploit this flaw to bypass existing security protection mechanisms.
Recommendations
Update Dell PowerFlex Manager to a version later than 4.6.2.
At the moment, there is no information about a newer version that contains a fix for this vulnerability for Dell PowerFlex Appliance and Dell PowerFlex Rack.
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Powerflex Appliance
Powerflex Manager
Powerflex Rack