Description
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Information tampering, Remote execution, Script injection, and Unauthorized access.
Problem types
CWE-306: Missing Authentication for Critical Function
Product status
Any version before 5.1.0.1 or later
Any version before 4.5.5.2 or later
Credits
Dell would like to thank brocked200 for reporting this issue.
References
www.dell.com/...-powerflex-software-multiple-vulnerabilities