CVE-2025-46371

Summary

Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the ssh. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass.

Affected Software

VendorProductVersion RangeStatus
DellPowerFlex Manager (Appliance)0 < IC 48.378.00affected
DellPowerFlex Manager (Appliance)0 < IC 48.383.00affected
DellPowerFlex Manager (Rack)0 < 3.7.8.0affected
DellPowerFlex Manager (Rack)0 < 3.8.3.0affected
DellPowerFlex Manager0 <= 4.6.2affected

Weaknesses

  • CWE-327: CWE-327: Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References