Dell Insightiq vulnerabilities
13 known vulnerabilities affecting dell/insightiq.
Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH3MEDIUM6
Vulnerabilities
Page 1 of 1
CVE-2024-37143P2CRITICALCVSS 9.8fixed in 5.1.12024-12-10
CVE-2024-37143 [CRITICAL] CWE-59 CVE-2024-37143: Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versio
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior
nvd
CVE-2024-39581P2CRITICALCVSS 9.8≥ 5.0.0, < 5.1.12024-09-10
CVE-2024-39581 [CRITICAL] CWE-552 CVE-2024-39581: Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to Ex
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files.
nvd
CVE-2025-30475P2CRITICALCVSS 9.8≥ 5.0.0, < 6.0.02025-05-15
CVE-2025-30475 [CRITICAL] CWE-269 CVE-2025-30475: Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulne
Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to elevation of privileges.
nvd
CVE-2024-39583P3CRITICALCVSS 9.8≥ 5.0.0, < 5.1.12024-09-10
CVE-2024-39583 [CRITICAL] CWE-327 CVE-2024-39583: Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptograph
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd
CVE-2026-35071P3HIGHCVSS 8.2≥ 6.0.0, < 6.3.02026-05-12
CVE-2026-35071 [HIGH] CWE-78 CVE-2026-35071: Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of spec
Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
nvd
CVE-2024-28972P3HIGHCVSS 7.5v5.0.0≥ N/A, ≤ 5.0.12024-08-01
CVE-2024-28972 [HIGH] CWE-327 CVE-2024-28972: Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerabil
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure.
nvd
CVE-2025-30476P3HIGHCVSS 7.5v5.2.02025-05-15
CVE-2025-30476 [HIGH] CWE-400 CVE-2025-30476: Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resource consumption vulnerability.
Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
nvd
CVE-2024-25962P3MEDIUMCVSS 6.5v5.0.02024-03-27
CVE-2024-25962 [MEDIUM] CWE-284 CVE-2024-25962: Dell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low privile
Dell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to monitoring data.
nvd
CVE-2026-40638P4MEDIUMCVSS 6.7≥ 5.0.0, < 6.3.02026-05-12
CVE-2026-40638 [MEDIUM] CWE-250 CVE-2026-40638: Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary priv
Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
nvd
CVE-2024-37144P4MEDIUMCVSS 6.7fixed in 5.1.12024-12-10
CVE-2024-37144 [MEDIUM] CWE-922 CVE-2024-37144: Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versio
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior
nvd
CVE-2024-39580P4MEDIUMCVSS 6.7≥ 5.0.0, < 5.1.12024-09-10
CVE-2024-39580 [MEDIUM] CWE-284 CVE-2024-39580: Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerabili
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
nvd
CVE-2024-39582P4MEDIUMCVSS 4.4v5.0.02024-09-10
CVE-2024-39582 [MEDIUM] CWE-798 CVE-2024-39582: Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A hig
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
nvd
CVE-2024-39574P4MEDIUMCVSS 4.4v5.1.02024-09-10
CVE-2024-39574 [MEDIUM] CWE-269 CVE-2024-39574: Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A hi
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
nvd