DSA-2026-208: Security Update for Dell PowerScale InsightIQ Multiple Vulnerabilities
Resumen: Dell PowerScale InsightIQ remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Impacto
High
Detalles
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-35071 | Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | 8.2 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2026-40638 | Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-35071 | Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | 8.2 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2026-40638 | Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Corrección y productos afectados
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
| CVE-2026-35071 | PowerScale InsightIQ | Versions 6.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
| CVE-2026-40638 | PowerScale InsightIQ | Versions 5.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
| CVE-2026-35071 | PowerScale InsightIQ | Versions 6.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
| CVE-2026-40638 | PowerScale InsightIQ | Versions 5.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
Historial de revisiones
| Revision | Date | Description |
| 1 |
5/11/2026
| Initial Release |
Reconocimientos
CVE-2026-35071, CVE-2026-40638: Dell would like to thank Ahmed Y. Elmogy for reporting this issue.
Información relacionada
Descargo de responsabilidad
Productos afectados
PowerScale InsightIQPropiedades del artículo
Número del artículo: 000463695
Tipo de artículo: Dell Security Advisory
Última modificación: 11 may 2026
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.