Primary

Context

Dell PowerProtect Data Manager Improper Neutralization Vulnerability in Reporting Component

Vulnerability

Patched

A vulnerability has been identified in the Reporting component of Dell PowerProtect Data Manager versions 19.16, 19.17, and 19.18. This vulnerability arises from improper neutralization of special elements used in a template engine, potentially allowing a high-privileged attacker with local access to exploit it, leading to information disclosure.

Impact

Exploitation of this vulnerability could result in unauthorized information disclosure.

Remediation

Users can upgrade to Dell PowerProtect Data Manager version 19.19.0-15 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

3.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell PowerProtect Data Manager Improper Neutralization Vulnerability in Reporting Component

Vulnerability

Impact

Remediation

Affected Products

Dell PowerProtect Data Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating