Primary

Context

Dell PowerProtect Data Domain Use of a Broken or Risky Cryptographic Algorithm Vulnerability

Vulnerability

Patched

A vulnerability has been identified in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) Feature Release versions 7.7.1.0 prior to 8.3.0.15, as well as LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, and LTS2023 release versions 7.10.1.0 through 7.10.1.60. This vulnerability involves the use of a broken or risky cryptographic algorithm in the DD Boost component, which could be exploited by an unauthenticated attacker with remote access, leading to unauthorized information exposure.

Impact

Exploitation of this vulnerability could result in unauthorized information exposure.

Remediation

Users can upgrade to Dell PowerProtect Data Domain OS versions 8.4.0.0 or later, or for specific LTS versions, consult the Dell PowerProtect Data Domain Management Center support page for guidance.

Added: Oct 7, 2025, 7:23 PM

Updated: Oct 7, 2025, 7:23 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell PowerProtect Data Domain Use of a Broken or Risky Cryptographic Algorithm Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dell PowerProtect Data Domain

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating