Primary

Context

Dell PowerProtect Data Domain Path Traversal Vulnerability Allowing Information Exposure

Vulnerability

Patched

A path traversal vulnerability has been identified in the Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions 7.7.1.0 prior to 8.4, LTS2024 versions 7.13.1.0 through 7.13.1.30, and LTS2023 versions 7.10.1.0 through 7.10.1.60. This vulnerability, located in the user interface, allows an unauthenticated attacker with remote access to exploit the issue, potentially leading to unauthorized information exposure.

Impact

Exploitation of this vulnerability could result in unauthorized information exposure.

Remediation

Users can upgrade to version 8.4.0.0 or later. For instructions on how to upgrade, see the Dell Knowledge Base article 'How to Upgrade the Data Domain Operating System'.

Added: Oct 7, 2025, 7:27 PM

Updated: Oct 7, 2025, 7:27 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell PowerProtect Data Domain Path Traversal Vulnerability Allowing Information Exposure

Vulnerability

Impact

Remediation

Affected Products

Dell PowerProtect Data Domain

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating