Dell PowerProtect Data Domain
Moderate fix9 remedies
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*
Moderate fix9 remedies
- >= 7.7.1.0, <= 8.4.0.0
- >= 8.3.1.0, <= 8.3.1.0
- >= 7.13.1.0, <= 7.13.1.30
- >= 7.10.1.0, <= 7.10.1.60
Dell PowerProtect Data Domain Path Traversal Vulnerability Allowing Denial-of-Service and Unauthorized Access
Vulnerability
Patched
A path traversal vulnerability has been identified in Dell PowerProtect Data Domain systems running Data Domain Operating System (DD OS) versions 7.7.1.0 prior to 8.3.0.15, as well as in LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, and LTS2023 release versions 7.10.1.0 through 7.10.1.60. This vulnerability allows a high-privileged attacker with local access to exploit the system, potentially leading to a denial-of-service condition and unauthorized access.
Impact
Exploitation of this vulnerability could result in a denial-of-service condition and unauthorized access to the system.
Remediation
Users can upgrade to Dell PowerProtect Data Domain OS version 8.4.0.0 or later. For systems with Data Domain OS LTS2025, version 8.3.1.10 or later is recommended. Instructions for upgrading the Data Domain Operating System are available on the Dell Support website.
Added: Oct 7, 2025, 7:20 PM
Updated: Oct 7, 2025, 7:20 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
3.0remediation
7.7relevance
0.6threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.