Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Powerprotect Data Manager Security Vulnerabilities

cve
cve

CVE-2020-5356

Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect virtual machines.

7.7CVSS

6.2AI Score

0.002EPSS

2020-07-06 06:15 PM
24
cve
cve

CVE-2023-28062

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

8.8CVSS

8.3AI Score

0.001EPSS

2023-04-11 02:15 PM
22
cve
cve

CVE-2024-22445

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges ...

7.2CVSS

7.2AI Score

0.001EPSS

2024-02-13 08:16 AM
24
cve
cve

CVE-2024-22454

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised ...

8.8CVSS

8.8AI Score

0.001EPSS

2024-02-13 08:16 AM
25
cve
cve

CVE-2024-22460

Dell PowerProtect DM5500 version 5.15.0.0 and prior contains an insecure deserialization Vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability, leading to arbitrary code execution on the vulnerable application.

2.2CVSS

7.8AI Score

0.0004EPSS

2024-05-08 04:15 PM
28
cve
cve

CVE-2024-24908

Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability to deletion of arbitrary files stored on the server filesystem.

6.5CVSS

6.8AI Score

0.0004EPSS

2024-05-08 04:15 PM
36
cve
cve

CVE-2024-25971

Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.

5.5CVSS

5.4AI Score

0.0004EPSS

2024-03-28 07:15 PM
32
cve
cve

CVE-2024-37135

DM5500 5.16.0.0, contains an information disclosure vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application ...

3.3CVSS

6.3AI Score

0.0004EPSS

2024-07-31 02:15 PM
27