Unisphere For Powermax
CVE-2026-26362
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files.
AnalysisAI
Dell Unisphere for PowerMax 10.2 contains a relative path traversal flaw that allows authenticated remote attackers to modify critical system files without user interaction. The vulnerability affects systems with low-privileged user accounts and carries high integrity and availability impact, though no patch is currently available. With an EPSS score of 0.1%, exploitation likelihood remains low despite the HIGH severity rating.
Technical ContextAI
Affects Unisphere For Powermax. Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files.
RemediationAI
Monitor vendor advisories for a patch. Validate and sanitize file path inputs. Use allowlists. Restrict network access to the affected service where possible.
More in Unisphere For Powermax
View allRemote command execution in Dell Unisphere for PowerMax versions 10.3.0.5 and prior allows a low-privileged authenticate
Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an S
Dell Unisphere for PowerMax 10.2 lacks proper authorization checks, allowing authenticated remote attackers to bypass ac
Dell Unisphere for PowerMax 10.2 contains a path traversal vulnerability that allows authenticated remote attackers to o
Dell Unisphere for PowerMax versions 10.2 suffer from a path traversal vulnerability (CWE-73) that allows authenticated
Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. Rated high severity (CVSS
Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass Vulnerability. Rated high severity
Unisphere For Powermax versions up to 9.2.4.18 is affected by improper restriction of xml external entity reference (CVS
Path traversal in Dell Unisphere for PowerMax 10.3.0.5 and prior exposes arbitrary files on the underlying server to rem
Dell Unisphere for PowerMax 10.2 contains a file path control vulnerability that allows authenticated remote attackers t
Unauthorized file disclosure in Dell Unisphere for PowerMax 10.3.0.5 and prior is achievable by a remote low-privileged
Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to PowerMax 9.2.4.15, contain an
Same weakness CWE-23 – Relative Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today