Dell Unisphere for PowerMax
Moderate fix1 remedy
cpe:2.3:a:dell:unisphere_for_powermax:*:*:*:*:*:*:*
Moderate fix1 remedy
- < 10.2.0.9
Dell Unisphere for PowerMax and PowerMax LDAP Injection Vulnerability Allowing Script Injection
Vulnerability
Patched
A vulnerability allowing LDAP injection has been identified in Dell Unisphere for PowerMax versions prior to 10.2.0.9, as well as in PowerMax versions prior to 9.2.4.15. This vulnerability arises from improper neutralization of special elements used in LDAP queries, which could be exploited by a high-privileged attacker with remote access. The exploitation of this vulnerability could lead to script injection.
Impact
Exploitation of this vulnerability could result in unauthorized script execution on the affected system.
Remediation
Users can upgrade to Unisphere for PowerMax version 10.2.0.9 or later, or PowerMax version 9.2.4.15 or later. Instructions for downloading the updated versions are available on the Dell Unisphere for PowerMax and Dell PowerMax support pages.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
1.7exploitability
4.4remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.