cbcvebase.

Dell Powerprotect Data Domain vulnerabilities

32 known vulnerabilities affecting dell/powerprotect_data_domain.

Total CVEs
32
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH18MEDIUM13

Vulnerabilities

Page 2 of 2
CVE-2026-35073P3MEDIUMCVSS 6.7fixed in 8.7.0.1 or laterfixed in 8.3.1.30 or later+1 more2026-04-17
CVE-2026-35073 [MEDIUM] CWE-78 CVE-2026-35073: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 th Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulner
nvd
CVE-2026-35074P3MEDIUMCVSS 6.7fixed in 8.6.1.10, 8.7.0.1 or laterfixed in 8.3.1.30 or later+2 more2026-04-17
CVE-2026-35074 [MEDIUM] CWE-78 CVE-2026-35074: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 th Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS Command Injection vulnerability. A high privileged attacker with local access could potentially exploit this vulner
nvd
CVE-2025-46641P3MEDIUMCVSS 6.6fixed in 8.6.0.0 or later2026-04-17
CVE-2025-46641 [MEDIUM] CWE-287 CVE-2025-46641: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.
nvd
CVE-2026-23777P3MEDIUMCVSS 6.5≥ 7.13.1.0, ≤ 7.13.1.50≥ 8.3.1.0, ≤ 8.3.1.20+4 more2026-04-17
CVE-2026-23777 [MEDIUM] CWE-200 CVE-2026-23777: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an exposure of sensitive information to an unauthorized actor vulnerability. A low privileged attacker with remote acces
nvd
CVE-2026-26951P3MEDIUMCVSS 6.7fixed in 8.6.1.10, 8.7.0.0 or laterfixed in 8.3.1.30 or later+2 more2026-04-20
CVE-2026-26951 [MEDIUM] CWE-121 CVE-2026-26951: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with
nvd
CVE-2026-23779P3MEDIUMCVSS 6.7fixed in 8.6.0.0 or laterfixed in 8.3.1.20 or later+2 more2026-04-17
CVE-2026-23779 [MEDIUM] CWE-77 CVE-2026-23779: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with local access could potentially exploit this vulnerabil
nvd
CVE-2026-35153P3MEDIUMCVSS 6.7fixed in 8.6.1.10, 8.7.0.1 or laterfixed in 8.3.1.30 or later+2 more2026-04-17
CVE-2026-35153 [MEDIUM] CWE-88 CVE-2026-35153: Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 th Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of argument delimiters in a command ('argument injection') vulnerability. A high privileged attacker with local access could potentially exploit this
nvd
CVE-2023-44279P4MEDIUMCVSS 6.7fixed in 6.2.1.110≥ 7.0, < 7.12.0.02023-12-14
CVE-2023-44279 [MEDIUM] CWE-78 CVE-2023-44279: Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a system take over by an attacker
nvd
CVE-2023-44278P4MEDIUMCVSS 6.7fixed in 6.2.1.110≥ 7.0, < 7.12.0.02023-12-14
CVE-2023-44278 [MEDIUM] CWE-22 CVE-2023-44278: Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server filesystem, with the privileges of the running application.
nvd
CVE-2023-44286P4MEDIUMCVSS 6.1fixed in 6.2.1.110≥ 7.0, < 7.12.0.02023-12-14
CVE-2023-44286 [MEDIUM] CWE-79 CVE-2023-44286: Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a DOM-based Cross-Site Scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the injection of malicious HTML or JavaScript code to a victim user's DOM environment in the browser. . Exploitation
nvd
CVE-2023-44284P4MEDIUMCVSS 4.3fixed in 6.2.1.110≥ 7.0, < 7.12.0.02023-12-14
CVE-2023-44284 [MEDIUM] CWE-89 CVE-2023-44284: Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an SQL Injection vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing unauthorized read access to application data.
nvd
CVE-2026-28263P4MEDIUMCVSS 4.8≥ 7.13.1.0, ≤ 7.13.1.50≥ 8.3.1.0, ≤ 8.3.1.20+4 more2026-04-17
CVE-2026-28263 [MEDIUM] CWE-79 CVE-2026-28263: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a cross-site Scripting vulnerability. A high privileged attacker with remote access could potentially exploit this vulner
nvd
Dell Powerprotect Data Domain vulnerabilities | cvebase