Dell PowerProtect Data Domain
Moderate fix5 remedies
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*
Moderate fix5 remedies
- >= 7.7.1.0, <= 8.4.0.0
- 8.3.1.0
- >= 7.13.1.0, <= 7.13.1.30
- >= 7.10.1.0, <= 7.10.1.60
Dell PowerProtect Data Domain Broken Cryptographic Algorithm Vulnerability Allowing Information Disclosure
Vulnerability
Patched
A vulnerability has been identified in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) versions 7.7.1.0 prior to 8.3.0.15, as well as LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, and LTS2023 release versions 7.10.1.0 through 7.10.1.60. This vulnerability involves the use of a broken or risky cryptographic algorithm in the authentication process, which could be exploited by an unauthenticated attacker with remote access, leading to unauthorized information disclosure.
Impact
Exploitation of this vulnerability could result in unauthorized information disclosure.
Remediation
Users can upgrade to Dell PowerProtect Data Domain OS version 8.4.0.0 or later. For instructions on how to upgrade, see the Dell Knowledge Base article 'How to Upgrade the Data Domain Operating System'.
Added: Oct 7, 2025, 7:26 PM
Updated: Oct 7, 2025, 7:26 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
2.5exploitability
7.0remediation
7.7relevance
0.7threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.