Lucene search
+L
DellEmc Data Domain Os

12 matches found

CVE
CVE
added 2017/05/04 2:0 p.m.61 views

CVE-2017-4983

CVE-2017-4983 affects EMC Data Domain OS 5.2–5.7 (before 5.7.3.0) and 6.0 (before 6.0.1.0). The issue is described as a privilege-escalation vulnerability that could allow a local attacker to compromise the affected system. The connected sources confirm the affected versions and the potential imp...

6.7CVSS6.7AI score0.00384EPSS
CVE
CVE
added 2023/02/01 12:30 p.m.57 views

CVE-2023-23692

CVE-2023-23692 affects Dell PowerProtect Data Domain (DDOS) prior to version 7.9, where an OS command injection vulnerability could allow an authenticated non-admin attacker to run arbitrary OS commands on the underlying system with the vulnerable app’s privileges. The available sources confirm t...

8.8CVSS9AI score0.01569EPSS
CVE
CVE
added 2017/02/03 7:24 a.m.54 views

CVE-2016-8216

EMC Data Domain OS (DD OS) exposes a local command injection vulnerability tracked as CVE-2016-8216. Affected are DD OS 5.4 across all versions, 5.5 family prior to 5.5.5.0, 5.6 family prior to 5.6.2.0, and 5.7 family prior to 5.7.2.10. The issue allows a local attacker to bypass the Data Domain ...

7.2CVSS6.6AI score0.00812EPSS
CVE
CVE
added 2016/06/19 8:0 p.m.44 views

CVE-2016-0912

The CVE affects EMC Data Domain OS 5.4–5.7 prior to 5.7.2.0. A remote authenticated attacker can bypass password-change restrictions by: (1) accessing another account with the same role as the target, or (2) using an active session on an unattended workstation. Root cause is improper enforcement ...

9.8CVSS8.8AI score0.03482EPSS
CVE
CVE
added 2016/06/19 8:0 p.m.43 views

CVE-2016-0911

CVE-2016-0911 affects EMC Data Domain OS 5.4–5.7 prior to 5.7.2.0. The issue is a default no_root_squash setting on NFS exports that can let a client with root privileges access the filesystem, potentially elevating privileges. Affected component: NFS export configuration; underlying cause: defau...

8.2CVSS8AI score0.00978EPSS
CVE
CVE
added 2023/12/14 3:31 p.m.42 views

CVE-2023-44285

Dell PowerProtect DD is affected by an improper access control vulnerability that enables local privilege escalation by a low-privilege user. Affected software includes PowerProtect DD versions prior to 7.13.0.10, LTS releases prior to 7.7.5.25 and 7.10.1.15, and the 6.2.1.110 baseline. The issue...

7.8CVSS7.6AI score0.00221EPSS
CVE
CVE
added 2023/12/14 3:5 p.m.41 views

CVE-2023-44277

Dell PowerProtect DD contains an OS command injection vulnerability in the CLI. A local, low-privileged attacker could execute arbitrary OS commands on the underlying OS with the vulnerable service’s privileges, potentially leading to a full system takeover. Affected versions include prior to 7.1...

7.8CVSS7.6AI score0.006EPSS
CVE
CVE
added 2023/12/14 3:22 p.m.40 views

CVE-2023-44279

Dell PowerProtect DD is affected by an OS command injection in the administrator CLI. The vulnerability impacts DD versions prior to 7.13.0.10, LTS versions prior to 7.7.5.25 and 7.10.1.15, and version 6.2.1.110. The underlying issue is the failure to properly filter construct command characters,...

6.7CVSS6.3AI score0.00616EPSS
CVE
CVE
added 2023/12/14 3:35 p.m.40 views

CVE-2023-44286

Dell PowerProtect DD is affected by a DOM-based Cross-Site Scripting vulnerability (CVE-2023-44286) in multiple versions: pre-7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. The root cause is a DOM-based XSS that allows a remote unauthenticated attacker to inject malicious HTML/JavaScript ...

8.8CVSS6.3AI score0.00757EPSS
CVE
CVE
added 2023/12/14 3:26 p.m.38 views

CVE-2023-44284

Dell PowerProtect DD is affected by an SQL injection in versions prior to 7.13.0.10, with LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110 also impacted. The issue allows a remote, low-privilege attacker to cause the execution of SQL commands on the backend database, resulting in unauthorized read acce...

4.3CVSS5.2AI score0.00569EPSS
CVE
CVE
added 2023/12/14 3:40 p.m.37 views

CVE-2023-48667

Dell PowerProtect DD is affected by an OS command injection vulnerability in the administrator CLI. A remote high-privilege attacker could execute arbitrary OS commands on the underlying OS, potentially taking over the system. Affected versions include pre-7.13.0.10, LTS pre-7.7.5.25, LTS pre-7.1...

7.2CVSS7.1AI score0.01778EPSS
CVE
CVE
added 2023/12/14 3:17 p.m.34 views

CVE-2023-44278

Dell PowerProtect DD is affected by a path traversal vulnerability (CVE-2023-44278) affecting versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, and 6.2.1.110. The root cause is a path traversal flaw that could allow a local, highly privileged attacker to read and write OS files on the ser...

6.7CVSS6.3AI score0.00285EPSS