Impact
The vulnerability is a Use of a Broken or Risky Cryptographic Algorithm in Dell PowerFlex Manager versions prior to 5.1.0.1. An unauthenticated attacker with remote access could potentially exploit the weakened cryptography, leading to information disclosure and tampering. This weakness could allow an attacker to read or modify sensitive data transmitted or stored by the PowerFlex Manager application, compromising confidentiality and integrity.
Affected Systems
Dell PowerFlex Manager version(s) prior to 5.1.0.1 are affected by this vulnerability, as indicated by the updated description. Administrators should verify the exact version of their deployments and determine if they are running a vulnerable release. If the system is running 5.1.0.1 or later, the vulnerability is not present; otherwise, it remains in effect.
Risk and Exploitability
The CVSS score of 4.8 reflects moderate impact, and the EPSS score of less than 1% indicates that exploitation attempts are rare at present. The vulnerability is not cataloged in CISA's KEV list, implying a low to moderate threat level. The attack vector is inferred as remote through unauthenticated access, which suggests that any exposed PowerFlex Manager interfaces could be targeted without credentials.
OpenCVE Enrichment