HIGHCVE-2026-26359Published 2026-02-19Modified 2026-02-26CNA dell

CVE-2026-26359: Dell Unisphere for PowerMax, version(s) 10

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files.

CVSS v3.1: 8.8
Severity: HIGH
Fixed in: 10.3.0.1 or later
Affected Products: 2

Fix available

10.3.0.1 or later

Affected packages

Dell / Unisphere for PowerMax
< 10.3.0.1 or later (from N/A)
Dell / PowerMax
< 10.3.0.1 or later (from N/A)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

dell.com

Metrics

Fix available