CVE-2026-26361

Dell Unisphere for PowerMax, versions 10.2, contains an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

CVE-2026-26357

Dell Unisphere for PowerMax, versions 9.2.4.x, contains an Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or...

CVE-2025-27686

Dell Unisphere for PowerMax, versions prior to 10.2.0.9 and PowerMax versions prior to PowerMax 9.2.4.15, contain an Improper Neutralization of Special Elements used in an LDAP Query 'LDAP Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this...

PT-2023-13378 · Dell · Solution Enabler Vapp +2

Name of the Vulnerable Software and Affected Versions: Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp versions 10.0.0.5 and below Description: The issue allows users to perform actions for which they are not authorized due to an authorization bypass...

CVE-2021-36338

Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to. CVE-2022-31233 addresses the partial fix in...

PT-2022-10505 · Dell · Unisphere For Powermax

Name of the Vulnerable Software and Affected Versions: Unisphere for PowerMax versions prior to 9.2.2.2 Description: The issue allows an adjacent malicious user to potentially exploit a privilege escalation vulnerability, enabling them to access functionalities they do not have access to...