CVE-2025-26483

Summary

Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

Affected Software

VendorProductVersion RangeStatus
DellPowerFlex Manager (Appliance)0 < IC 48.378.00affected
DellPowerFlex Manager (Appliance)0 < IC 48.383.00affected
DellPowerFlex Manager (Rack)0 < 3.7.8.0affected
DellPowerFlex Manager (Rack)0 < 3.8.3.0affected
DellPowerFlex Manager0 <= 4.6.2affected

Weaknesses

  • CWE-601: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References