Impact
Dell PowerFlex Manager contains an Improper Access Control weakness (CWE‑284). A low‑privileged attacker who obtains remote access to the management interface could exploit this flaw, causing the PowerFlex Manager to become unavailable to legitimate users.
Affected Systems
The vulnerability affects Dell PowerFlex Manager. Versions prior to 5.1.0.1 are impacted, as the description indicates.
Risk and Exploitability
The CVSS score of 4.3 indicates low overall severity, and the EPSS score of < 1 % reflects a very low probability of exploitation. The vulnerability is not catalogued in CISA’s KEV list. Based on the description, it is inferred that the attack vector requires remote access to the PowerFlex Manager, likely via its management API or console. With the low privileges required, successful exploitation would lead to a denial of service of the management service, limiting operational availability of the underlying storage system.
OpenCVE Enrichment