Lucene search
K
DellData Domain Operating System

99 matches found

CVE
CVE
added 2025/04/03 3:18 p.m.77 views

CVE-2025-29987

Dell PowerProtect Data Domain with DD OS prior to 8.3.0.15 is affected by an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could execute arbitrary commands with root privileges due to limited access-control granularity. The PT-2025-14...

8.8CVSS7.8AI score0.00509EPSS
CVE
CVE
added 2025/02/04 2:19 a.m.72 views

CVE-2025-22475

The CVE-2025-22475 entry describes a vulnerability in Dell PowerProtect DD where, in versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10, a use of a cryptographic primitive with a risky implementation could allow a remote attacker to tamper information. A Dell security update (DSA-2025-022) ...

7.5CVSS6.9AI score0.00222EPSS
CVE
CVE
added 2024/06/26 2:57 a.m.68 views

CVE-2024-29174

Dell Data Domain is affected by CVE-2024-29174 with SQL Injection in software versions prior to 7.13.0.0, and LTS releases 7.7.5.30 and 7.10.1.20. The vulnerability could allow a local, low-privilege attacker to execute SQL commands on the backend database and gain unauthorized access to applicat...

4.4CVSS8AI score0.00199EPSS
CVE
CVE
added 2025/02/01 4:12 a.m.66 views

CVE-2024-53295

Dell PowerProtect DD (Dell’s data protection solution) is affected by an improper access control vulnerability (CVE-2024-53295) that could allow a local, low-privilege attacker to escalate privileges. Affected versions are prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20. The NVD entry documents a LOCA...

7.8CVSS7.8AI score0.00142EPSS
CVE
CVE
added 2025/02/01 4:2 a.m.64 views

CVE-2024-51534

Dell PowerProtect DD vulnerable versions before DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 are affected by a path traversal flaw that could allow a local low-privileged attacker to overwrite OS files on the server filesystem, potentially causing denial of service. The concern is supported by multiple...

7.1CVSS6.8AI score0.00182EPSS
CVE
CVE
added 2025/02/01 3:56 a.m.64 views

CVE-2024-53296

CVE-2024-53296 affects Dell PowerProtect DD (Data Domain) with a stack-based buffer overflow in the RestAPI. Public details indicate vulnerable versions include Dell PowerProtect DD prior to 7.10.1.50 and 7.13.1.20 (per NVD description), with a similar CVE entry noting earlier releases such as 7....

4.9CVSS3.6AI score0.00375EPSS
CVE
CVE
added 2024/06/26 3:3 a.m.61 views

CVE-2024-29175

CVE-2024-29175 concerns Dell PowerProtect Data Domain. The affected products are Dell PowerProtect Data Domain versions prior to 7.13.0.0, LTS 7.7.5.40, and LTS 7.10.1.30, where a weak cryptographic algorithm vulnerability could enable a remote, unauthenticated attacker to perform a man-in-the-mi...

5.9CVSS6.9AI score0.0026EPSS
CVE
CVE
added 2024/11/08 2:48 a.m.61 views

CVE-2024-45759

Summary of CVE-2024-45759 (Dell PowerProtect Data Domain) : A local, low-privileged attacker could exploit an escalation of privilege vulnerability to execute commands that overwrite the application’s system configuration, potentially causing a denial of service. Affected products are Dell PowerP...

7.3CVSS7.5AI score0.00142EPSS
CVE
CVE
added 2024/11/08 3:1 a.m.59 views

CVE-2024-48010

Dell PowerProtect DD is affected by an access control vulnerability prior to these versions: • 8.1.0.0 (and earlier listed) and specifically 7.13.1.10, 7.10.1.40, and 7.7.5.50. A remote, high-privileged attacker could potentially escalate privileges in the application. Remediation: update to 8.1....

7.2CVSS7.2AI score0.00368EPSS
CVE
CVE
added 2024/11/08 2:30 a.m.59 views

CVE-2024-48011

Dell PowerProtect DD (hardware appliances) is affected in versions prior to 7.7.5.50 by an Information Disclosure vulnerability that could be exploited by a low-privilege attacker with remote access to obtain sensitive information. The initial documents do not specify the exact root cause or vuln...

6.5CVSS6.8AI score0.00276EPSS
CVE
CVE
added 2024/06/26 2:37 a.m.53 views

CVE-2024-29176

CVE-2024-29176 affects Dell PowerProtect DD prior to a fixed release. Dell PowerProtect DD versions 8.0, 7.13.1.0, 7.10.1.30, and 7.7.5.40 are vulnerable to an Out-of-bounds Write that could enable code execution by a low-privilege, remote attacker. The issue is caused by an out-of-bounds write i...

8.8CVSS8.7AI score0.00642EPSS
CVE
CVE
added 2024/06/26 3:24 a.m.53 views

CVE-2024-37138

CVE-2024-37138 affects Dell PowerProtect DD (DDMC) prior to version 8.0 and LTS releases 7.13.1.0, 7.10.1.30, 7.7.5.40. The flaw is a relative path traversal in the management path that could allow a remote high-privileged attacker to cause the application to send an unauthorized file to the mana...

6.8CVSS6.7AI score0.00401EPSS
CVE
CVE
added 2024/06/26 4:0 a.m.53 views

CVE-2024-37141

Dell PowerProtect DD is affected by an open redirect vulnerability affecting versions prior to 8.0 and the LTS trains 7.13.1.0, 7.10.1.30, and 7.7.5.40. A remote, low-privilege attacker could cause information disclosure. The public documents specify fixes: upgrade to 8.0 or later, and apply fixe...

3.5CVSS6.4AI score0.00298EPSS
CVE
CVE
added 2024/06/26 3:54 a.m.52 views

CVE-2024-37140

Dell PowerProtect DD is affected: OS command injection in an admin operation present in versions prior to 8.0 and in LTS 7.13.1.0, 7.10.1.30, and 7.7.5.40. The underlying issue enables a remote low-privilege attacker to run arbitrary OS commands with the vulnerable application’s privileges, poten...

8.8CVSS7.7AI score0.01218EPSS
CVE
CVE
added 2024/06/26 3:38 a.m.51 views

CVE-2024-37139

CVE-2024-37139 affects Dell PowerProtect DD before 8.0 and certain LTS branches (7.13.1.0.7.10.1.30, 7.7.5.40) with an improper control of a resource through its lifetime in an admin operation. This could allow a remote, low-privilege attacker to cause temporary resource constraint in a system ap...

6.5CVSS6.7AI score0.00477EPSS
CVE
CVE
added 2024/06/26 2:46 a.m.48 views

CVE-2024-29177

CVE-2024-29177 affects Dell PowerProtect DD prior to 8.0 and the LTS branches 7.13.1.0, 7.10.1.30, and 7.7.5.40. The issue is described as a disclosure of temporary sensitive information that could be exploited by a remote high-privilege attacker to reuse disclosed data to gain unauthorized acces...

2.7CVSS6.5AI score0.00296EPSS
CVE
CVE
added 2024/06/26 2:51 a.m.47 views

CVE-2024-29173

Dell PowerProtect DD (before 8.0 and the listed LTS branches: 7.13.1.0, 7.10.1.30, 7.7.5.40) contains a Server-Side Request Forgery (SSRF) vulnerability. A remote, high-privilege attacker could potentially disclose information on the application or remote client. The provided documents confirm th...

6.8CVSS6.5AI score0.00349EPSS
CVE
CVE
added 2024/06/26 2:31 a.m.43 views

CVE-2024-28973

Technical details beyond the generic description are not provided in the supplied documents. Monitor for updates from Dell and CVE List references.

5.9CVSS6AI score0.00242EPSS
CVE
CVE
added last week35 views

CVE-2026-53478

Summary: CVE-2026-53478 affects Dell PowerProtect Data Domain (versions 7.7.1.0–8.7; LTS2026: 8.6.1.0–8.6.1.10; LTS2025: 8.3.1.0–8.3.1.30; LTS2024: 7.13.1.0–7.13.1.70) and is caused by improper neutralization of special elements used in an OS command (OS command injection). A high-privilege attac...

7.2CVSS6AI score0.01216EPSS
CVE
CVE
added 2025/08/04 2:25 p.m.31 views

CVE-2025-36594

Dell PowerProtect Data Domain (DD OS) feature releases and LTS versions 7.7.1.0–8.3.0.15, 7.13.1.0–7.13.1.25, and 7.10.1.0–7.10.1.60 are affected by an Authentication Bypass by Spoofing vulnerability (CVE-2025-36594). The issue allows an unauthenticated, remotely accessible attacker to bypass pro...

9.8CVSS6.9AI score0.00469EPSS
CVE
CVE
added 2025/08/04 2:42 p.m.28 views

CVE-2025-30098

Dell PowerProtect Data Domain (DD OS) is affected by CVE-2025-30098: an Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in the DDSH CLI. A high-privilege attacker with local access could exploit this to execute arbitrary commands with root pr...

6.7CVSS7.1AI score0.00439EPSS
CVE
CVE
added last week28 views

CVE-2026-49815

Summary: Dell PowerProtect Data Domain (versions 7.7.1.0–8.7; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70) contains an OS command injection vulnerability due to improper neutralization of special elements in OS commands. A high-privileged attacker with remote ac...

7.2CVSS6.2AI score0.01096EPSS
CVE
CVE
added 2026/04/17 7:16 a.m.26 views

CVE-2026-23853

Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.50 contains a weak credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this to gain unauthorized access to the system. The ...

8.4CVSS5.8AI score0.00158EPSS
CVE
CVE
added last week24 views

CVE-2026-46468

CVE-2026-46468 affects Dell PowerProtect Data Domain: affected versions include 7.7.1.0–8.7, and specific LTS2024/2025/2026 ranges. The issue is an improper link resolution before file access (link following) that can be exploited by a high-privilege, local attacker to cause information exposure....

4.4CVSS5.9AI score0.00133EPSS
CVE
CVE
added 2026/04/20 4:15 p.m.23 views

CVE-2026-24505

CVE-2026-24505 affects Dell PowerProtect Data Domain, versions 8.5 through 8.6. The vulnerability stems from improper input validation, potentially allowing a high-privileged attacker with remote access to execute arbitrary commands with root privileges. The available documents do not provide add...

7.2CVSS6.1AI score0.00417EPSS
CVE
CVE
added last week23 views

CVE-2026-49814

CVE-2026-49814 affects Dell PowerProtect Data Domain, including versions 7.7.1.0–8.7 and several LTS releases (8.6.1.0–8.6.1.10, 8.3.1.0–8.3.1.30, 7.13.1.0–7.13.1.70). The vulnerability is an OS Command Injection due to improper neutralization of special elements, allowing a high-privilege, remot...

7.2CVSS6.1AI score0.01216EPSS
CVE
CVE
added 2026/04/20 4:22 p.m.22 views

CVE-2026-24506

Summary (CVE-2026-24506): Dell PowerProtect Data Domain affected releases include 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The issue is an OS command injection in the system that could allow a high-privileged, remote attacker to execute arbitrary commands as root. Th...

7.2CVSS6.1AI score0.01191EPSS
CVE
CVE
added 2026/04/20 3:51 p.m.22 views

CVE-2026-26944

Dell PowerProtect Data Domain (versions 7.7.1.0–8.6; LTS2025 8.3.1.0–8.3.1.20; LTS2024 7.13.1.0–7.13.1.60) contains a missing authentication for a critical function vulnerability. An unauthenticated attacker with remote access could exploit it to achieve arbitrary command execution with root priv...

8.8CVSS6.1AI score0.0054EPSS
CVE
CVE
added 2026/04/17 11:52 a.m.21 views

CVE-2026-23777

Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, LTS2024 7.13.1.0–7.13.1.50 has an information exposure vulnerability. A low-privileged attacker with remote access could potentially exploit this to access sensitive data. The CVSS 3.1 base score is...

6.5CVSS5.8AI score0.003EPSS
CVE
CVE
added 2026/04/20 4:34 p.m.21 views

CVE-2026-26942

Dell PowerProtect Data Domain versions 8.5–8.6 are affected by CVE-2026-26942, an OS command injection vulnerability caused by improper neutralization of special elements. The issue could allow a high-privileged attacker with remote access to execute arbitrary commands with root privileges. Affec...

7.2CVSS6.1AI score0.00882EPSS
CVE
CVE
added last week21 views

CVE-2026-49813

Dell PowerProtect Data Domain is affected (versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) by an OS command injection vulnerability due to improper neutralization of special elements in commands. The issue can enable arbitrary command executio...

6.7CVSS6AI score0.0046EPSS
CVE
CVE
added 2025/08/04 2:32 p.m.20 views

CVE-2025-30096

Summary (CVE-2025-30096) Dell PowerProtect Data Domain on DD OS is affected by an OS Command Injection in the DDSH CLI. A high-privileged attacker with local access could run arbitrary commands as root. Affected DD OS versions include: Feature Release 7.7.1.0–8.1.0.10; LTS2024 7.13.1.0–7.13.1.25;...

6.7CVSS7.1AI score0.00439EPSS
CVE
CVE
added 2025/08/04 2:38 p.m.20 views

CVE-2025-30097

Dell PowerProtect Data Domain running DD OS (Feature Release 7.7.1.0–8.1.0.10; LTS2024 7.13.1.0–7.13.1.25; LTS2023 7.10.1.0–7.10.1.50) is affected by an OS Command Injection in the DDSH CLI. The root cause is improper neutralization of special elements in commands, enabling a high-privileged, loc...

6.7CVSS7.1AI score0.00439EPSS
CVE
CVE
added 2025/08/04 2:47 p.m.20 views

CVE-2025-30099

CVE-2025-30099 affects Dell PowerProtect Data Domain with DD OS (Feature Release 7.7.1.0–8.1.0.10; LTS2024 7.13.1.0–7.13.1.25; LTS 2023 7.10.1.0–7.10.1.50) and is due to an Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) in the DDSH CLI. A low-privilege, l...

7.8CVSS7.2AI score0.00432EPSS
CVE
CVE
added 2026/04/17 11:5 a.m.20 views

CVE-2026-35073

Dell PowerProtect Data Domain vulnerable in versions 7.7.1.0–8.7.0.0, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60 due to improper neutralization of special elements used in an OS command injection vulnerability. A high-privilege attacker with local access could potentially execute ar...

6.7CVSS6AI score0.00571EPSS
CVE
CVE
added 2026/04/22 6:11 p.m.19 views

CVE-2026-26354

Dell PowerProtect Data Domain with DD OS Feature Release versions 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.10, and LTS2024 7.13.1.0–7.13.1.60 contains a stack-based Buffer Overflow vulnerability. An unauthenticated, remote attacker could potentially exploit this to achieve arbitrary command execution. ...

9.8CVSS6AI score0.00504EPSS
CVE
CVE
added 2026/04/20 4:50 p.m.19 views

CVE-2026-35154

Dell PowerProtect Data Domain appliances (versions 7.7.1.0–8.7.0.0; LTS2025 8.3.1.0–8.3.1.20; LTS2024 7.13.1.0–7.13.1.60) contain an improper privilege management vulnerability in IDRAC. The issue could allow a highly privileged, local attacker to elevate privileges and perform unauthorized delet...

6.7CVSS5.8AI score0.00087EPSS
CVE
CVE
added 2026/04/17 8:56 a.m.18 views

CVE-2026-23776

CVE-2026-23776 affects Dell PowerProtect Data Domain with DD OS Feature Release versions 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. It reports an Improper Certificate Validation vulnerability in certificate-based login, enabling a remote attacker with network access an...

8.8CVSS5.8AI score0.00222EPSS
CVE
CVE
added 2026/04/17 10:38 a.m.18 views

CVE-2026-35153

Dell PowerProtect Data Domain: Affected versions 7.7.1.0–8.7.0.0, LTS2025 8.3.1.0–8.3.1.20, LTS2024 7.13.1.0–7.13.1.60 contain an improper neutralization of argument delimiters in a command (argument injection) vulnerability. A high‑privileged attacker with local access could potentially trigger ...

6.7CVSS6AI score0.00215EPSS
CVE
CVE
added 2026/07/03 12:34 p.m.18 views

CVE-2026-54483

CVE-2026-54483 affects Dell PowerProtect Data Domain: versions 7.7.1.0–8.6, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, and LTS2024 7.13.1.0–7.13.1.70. The vulnerability is described as OS command injection caused by improper neutralization of special elements in certain OS commands. A hi...

6.7CVSS6AI score0.00451EPSS
CVE
CVE
added 2025/10/07 7:6 p.m.17 views

CVE-2025-43905

CVE-2025-43905 affects Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60. The issue is an Improper Neutralization of Argument Delimiters in a Command (Argument Injection) which could allow a lo...

6.5CVSS6.3AI score0.00308EPSS
CVE
CVE
added 2026/04/17 11:19 a.m.17 views

CVE-2025-46641

CVE-2025-46641 affects Dell PowerProtect Data Domain running DD OS Feature Release 8.4–8.5 . The issue is an improper authentication vulnerability that could allow a high-privileged attacker with remote access to achieve unauthorized access. The NVD/NVD-derived data show a network-based attack ve...

6.6CVSS5.8AI score0.00354EPSS
CVE
CVE
added 2026/04/20 4:28 p.m.17 views

CVE-2026-26943

Summary: CVE-2026-26943 affects Dell PowerProtect Data Domain (versions 7.7.1.0–8.6; LTS2025 8.3.1.0–8.3.1.20; LTS2024 7.13.1.0–7.13.1.60). The vulnerability is described as an OS command injection that could allow a high-privilege, remotely authenticated attacker to execute arbitrary commands wi...

7.2CVSS6.1AI score0.01191EPSS
CVE
CVE
added 3 days ago17 views

CVE-2026-53483

Dell PowerProtect Data Domain is affected (versions 7.7.1.0–8.7; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70) by an improper authentication vulnerability. An unauthenticated attacker with remote access could exploit this to gain unauthorized access and take comp...

9.8CVSS6.1AI score0.00625EPSS
CVE
CVE
added 2025/10/07 7:44 p.m.16 views

CVE-2025-36566

Dell PowerProtect Data Domain running DD OS Feature Release versions 7.7.1.0–8.1.0.10, LTS2024 7.13.1.0–7.13.1.25, and LTS2023 7.10.1.0–7.10.1.50 contains an OS Command Injection due to improper neutralization of special elements. A high-privilege, local attacker could execute arbitrary commands ...

6.7CVSS6.5AI score0.00612EPSS
CVE
CVE
added 2025/10/07 7:26 p.m.16 views

CVE-2025-43727

Dell PowerProtect Data Domain (DD OS) versions 7.7.1.0–8.1.0.10, 7.13.1.0–7.13.1.25, and 7.10.1.0–7.10.1.50 contain an incorrect implementation of the RestAPI authentication algorithm, enabling an unauthenticated remote attacker to gain unauthorized access. No exploitation details are provided in...

7.5CVSS6.5AI score0.00337EPSS
CVE
CVE
added 2025/10/07 6:54 p.m.16 views

CVE-2025-43913

Dell PowerProtect Data Domain (DD OS) feature releases 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS 2023 7.10.1.0–7.10.1.60 contain a vulnerability described as Use of a Broken or Risky Cryptographic Algorithm. An unauthenticated, remote attacker could potentially cause ...

6.5CVSS6.2AI score0.00156EPSS
CVE
CVE
added 2025/10/07 7:0 p.m.16 views

CVE-2025-45375

Dell PowerProtect Data Domain and the Data Domain Operating System (DD OS) Feature Release 7.7.1.0–8.3.0.15, LTS2025 8.3.1.0, LTS2024 7.13.1.0–7.13.1.30, and LTS2023 7.10.1.0–7.10.1.60 contain a stack-based buffer overflow. A high-privilege user with local access could exploit this to cause a Den...

4.4CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/04/17 11:44 a.m.16 views

CVE-2026-28263

CVE-2026-28263 affects Dell PowerProtect Data Domain running DD OS Feature Release 7.7.1.0–8.5, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.50. It describes a cross-site scripting vulnerability that could be exploited by a high-privilege attacker with remote access, leading to script in...

5.9CVSS5.7AI score0.00204EPSS
CVE
CVE
added 2026/04/17 10:57 a.m.16 views

CVE-2026-35074

CVE-2026-35074 affects Dell PowerProtect Data Domain products: 7.7.1.0–8.7.0.0, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The issue is an improper neutralization of special elements used in an OS command injection vulnerability, enabling a high-privilege local attacker to execute ...

6.7CVSS6AI score0.00571EPSS
Total number of security vulnerabilities99