Skip to main content

Unisphere For Powermax CVE-2026-26362

HIGH
Relative Path Traversal (CWE-23)
2026-02-19 security_alert@emc.com
8.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.1 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:03 vuln.today
CVE Published
Feb 19, 2026 - 09:16 nvd
HIGH 8.1

DescriptionCVE.org

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files.

AnalysisAI

Dell Unisphere for PowerMax 10.2 contains a relative path traversal flaw that allows authenticated remote attackers to modify critical system files without user interaction. The vulnerability affects systems with low-privileged user accounts and carries high integrity and availability impact, though no patch is currently available. With an EPSS score of 0.1%, exploitation likelihood remains low despite the HIGH severity rating.

Technical ContextAI

Affects Unisphere For Powermax. Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files.

RemediationAI

Monitor vendor advisories for a patch. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.

CVE-2026-54469 HIGH
8.8 Jul 10

Remote command execution in Dell Unisphere for PowerMax versions 10.3.0.5 and prior allows a low-privileged authenticate

CVE-2025-36588 HIGH
8.8 Jan 22

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an S

CVE-2026-26358 HIGH
8.8 Feb 19

Dell Unisphere for PowerMax 10.2 lacks proper authorization checks, allowing authenticated remote attackers to bypass ac

CVE-2026-26359 HIGH
8.8 Feb 19

Dell Unisphere for PowerMax 10.2 contains a path traversal vulnerability that allows authenticated remote attackers to o

CVE-2026-26360 HIGH
8.1 Feb 19

Dell Unisphere for PowerMax versions 10.2 suffer from a path traversal vulnerability (CWE-73) that allows authenticated

CVE-2022-31233 HIGH
8.0 Aug 31

Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. Rated high severity (CVSS

CVE-2021-21531 HIGH
7.8 Apr 30

Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. Rated high severity

CVE-2025-36589 HIGH
7.6 Jan 06

Unisphere For Powermax versions up to 9.2.4.18 is affected by improper restriction of xml external entity reference (CVS

CVE-2026-54468 MEDIUM
6.5 Jul 10

Path traversal in Dell Unisphere for PowerMax 10.3.0.5 and prior exposes arbitrary files on the underlying server to rem

CVE-2026-26361 MEDIUM
6.5 Feb 19

Dell Unisphere for PowerMax 10.2 contains a file path control vulnerability that allows authenticated remote attackers t

CVE-2026-54470 MEDIUM
5.3 Jul 10

Unauthorized file disclosure in Dell Unisphere for PowerMax 10.3.0.5 and prior is achievable by a remote low-privileged

CVE-2025-27686 LOW
2.7 Apr 07

Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an

Share

CVE-2026-26362 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy