Powerprotect Data Manager Security Vulnerabilities and Issues — Powerprotect Data Manager CVE List

Lucene search

DellPowerprotect Data Manager

8 matches found

CVE•added 2024/03/28 7:15 p.m.•56 views

CVE-2024-25971

Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.

6.5CVSS5.4AI score0.00042EPSS

CVE•added 2025/04/28 3:15 p.m.•48 views

CVE-2025-23375

Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect Use of Privileged APIs vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

7.8CVSS6.9AI score0.00018EPSS

CVE•added 2025/04/28 3:15 p.m.•48 views

CVE-2025-23376

Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper Neutralization of Special Elements Used in a Template Engine vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure.

4.4CVSS6.1AI score0.00025EPSS

CVE•added 2025/04/28 3:15 p.m.•44 views

CVE-2025-23377

Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to inject arbitrary web script or html in reporting outputs.

4.2CVSS6.4AI score0.00015EPSS

CVE•added 2024/02/13 8:16 a.m.•40 views

CVE-2024-22454

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised ...

8.8CVSS8.8AI score0.01099EPSS

CVE•added 2024/02/13 8:16 a.m.•33 views

CVE-2024-22445

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges ...

7.2CVSS7.2AI score0.00306EPSS

CVE•added 2023/04/11 2:15 p.m.•31 views

CVE-2023-28062

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

8.8CVSS8.3AI score0.00066EPSS

CVE•added 2020/07/06 6:15 p.m.•28 views

CVE-2020-5356

Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect virtual machines.

7.7CVSS6.2AI score0.00173EPSS