Dell PowerProtect Data Domain
Moderate fix8 remedies
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*
Moderate fix8 remedies
- >= 7.7.1.0, <= 8.3.0.15
- >= 8.3.1.0, <= 8.3.1.0
- >= 7.13.1.0, <= 7.13.1.30
- >= 7.10.1.0, <= 7.10.1.60
Dell PowerProtect Data Domain Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Vulnerability
Patched
A vulnerability has been identified in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) versions 7.7.1.0 prior to 8.3.0.15, as well as LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, and LTS2023 release versions 7.10.1.0 through 7.10.1.60. This vulnerability involves the use of a broken or risky cryptographic algorithm, which could be exploited by an unauthenticated attacker with remote access, leading to information disclosure. Additionally, this vulnerability could be used to conduct phishing attacks that trick users into revealing sensitive information.
Impact
Exploitation of this vulnerability could result in unauthorized information disclosure, potentially allowing attackers to conduct phishing attacks that exploit the disclosed information.
Remediation
Users can upgrade to Dell PowerProtect Data Domain OS versions 8.4.0.0 or later, or for specific LTS versions, consult the Dell PowerProtect Data Domain Management Center update instructions. For detailed guidance, refer to the Dell PowerProtect Data Domain Knowledge Base articles regarding the upgrade process and available patches.
Added: Oct 7, 2025, 7:21 PM
Updated: Oct 7, 2025, 7:21 PM