DSA-2026-208: Security Update for Dell PowerScale InsightIQ Multiple Vulnerabilities
Riepilogo: Dell PowerScale InsightIQ remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Questo articolo si applica a
Questo articolo non si applica a
Questo articolo non è legato a un prodotto specifico.
Non tutte le versioni del prodotto sono identificate in questo articolo.
Impatto
High
Dettagli
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-35071 | Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | 8.2 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2026-40638 | Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2026-35071 | Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | 8.2 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| CVE-2026-40638 | Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Prodotti interessati e correzione
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
| CVE-2026-35071 | PowerScale InsightIQ | Versions 6.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
| CVE-2026-40638 | PowerScale InsightIQ | Versions 5.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
| CVEs Addressed | Product | Affected Versions | Remediated Versions | Link |
| CVE-2026-35071 | PowerScale InsightIQ | Versions 6.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
| CVE-2026-40638 | PowerScale InsightIQ | Versions 5.0.0 through 6.2.0 | Version 6.3.0 or later | PowerScale InsightIQ Downloads Area |
Cronologia delle revisioni
| Revision | Date | Description |
| 1 |
5/11/2026
| Initial Release |
Ringraziamenti
CVE-2026-35071, CVE-2026-40638: Dell would like to thank Ahmed Y. Elmogy for reporting this issue.
Informazioni correlate
Dichiarazione di non responsabilità
Prodotti interessati
PowerScale InsightIQProprietà dell'articolo
Numero articolo: 000463695
Tipo di articolo: Dell Security Advisory
Ultima modifica: 11 mag 2026
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.