{"cve":{"cve_id":"CVE-2026-49502","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.0021,"epss_percentile":0.11014,"epss_as_of":"2026-06-23","description":"Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access.","published_at":"2026-06-17T14:30:27.310000Z","last_modified_at":null,"cvss_v3_score":7.4,"cvss_v3_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-287"],"nvd_references":["https://www.dell.com/support/kbdoc/en-us/000477538/dsa-2026-066-security-update-for-powerflex-software-multiple-vulnerabilities"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:30:45.962068Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"A","value_label":"Adjacent"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"C","value_label":"Changed"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"dell","vendor_name":"Dell","product_slug":"powerflex","product_name":"PowerFlex","version_start":"0","version_start_inclusive":true,"version_end":"5.1.0.1 or later","version_end_inclusive":false,"cpe23_uri":"cve5:dell:powerflex:0:5.1.0.1 or later"},{"vendor_slug":"dell","vendor_name":"Dell","product_slug":"powerflex","product_name":"PowerFlex","version_start":"0","version_start_inclusive":true,"version_end":"4.5.5.2 or later","version_end_inclusive":false,"cpe23_uri":"cve5:dell:powerflex:0:4.5.5.2 or later"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000477538/dsa-2026-066-security-update-for-powerflex-software-multiple-vulnerabilities","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-06-17T14:30:27.310000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:55:10.688071Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:55:10.688071Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:55:10.688071Z","label":"CVSS score revised","source":"cvelistv5"}]}