PT-2026-42771 · Dell · Powerflex Rack+2

Published

2026-04-24

·

Updated

2026-05-22

·

CVE-2025-46371

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions Dell PowerFlex Manager versions prior to 4.6.2 Dell PowerFlex Appliance (affected versions not specified) Dell PowerFlex Rack (affected versions not specified)
Description Dell PowerFlex Manager, PowerFlex Appliance, and PowerFlex Rack utilize cryptographic algorithms that contain defects. In Dell PowerFlex Manager, this issue exists within the ssh component. A low privileged attacker with local access could exploit this flaw to bypass existing security protection mechanisms.
Recommendations Update Dell PowerFlex Manager to a version later than 4.6.2. At the moment, there is no information about a newer version that contains a fix for this vulnerability for Dell PowerFlex Appliance and Dell PowerFlex Rack.

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-09005
CVE-2025-46371

Affected Products

Powerflex Appliance
Powerflex Manager
Powerflex Rack