Dell PowerProtect Data Domain Operating System
Moderate fix3 remedies
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*, +1 more
Moderate fix3 remedies
- >= 7.7.1.0, <= 8.3.0.10
- >= 7.13.1.0, <= 7.13.1.20
- >= 7.10.1.0, <= 7.10.1.50
Dell PowerProtect Data Domain Insufficient Access Control Vulnerability Allowing Root Command Execution
Vulnerability
Patched
A vulnerability exists in Dell PowerProtect Data Domain systems running versions of the Data Domain Operating System (DD OS) prior to 8.3.0.15. This vulnerability, characterized by insufficient granularity of access control, allows an authenticated user from a trusted remote client to execute arbitrary commands with root privileges.
Impact
Exploitation of this vulnerability could lead to unauthorized command execution with root privileges on the affected system.
Remediation
Users can upgrade to PowerProtect Data Domain DD OS versions 8.3.0.15 or later, 7.13.1.25 or later, or 7.10.1.60 or later, depending on their current version. For detailed upgrade instructions, refer to the Dell PowerProtect Data Domain Upgrade Procedure Knowledge Base article. After upgrading, be aware that certain security scanners may generate false positive detections, for which Dell provides guidance in specific Knowledge Base articles.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
4.9remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.