Home
LOW: 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NDefault status
unaffected
Any version before 5.1.0.1 or later
affected
Any version before 4.5.5.2 or later
affected
Description
Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure.
Problem types
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Product status
Any version before 5.1.0.1 or later
Any version before 4.5.5.2 or later
References
www.dell.com/...-powerflex-software-multiple-vulnerabilities