Primary

Context

Dell PowerProtect Data Manager Plaintext Password Storage Vulnerability in Hyper-V

Vulnerability

Patched

A vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20 for Hyper-V, related to the plaintext storage of passwords. This vulnerability allows a high-privileged attacker with local access to potentially disclose certain user credentials. The exposed credentials could be used to gain unauthorized access with the privileges of the compromised account.

Impact

Exploitation of this vulnerability could lead to the unauthorized disclosure of user credentials, allowing access to systems or data with the compromised account's privileges.

Remediation

Users can upgrade to Dell PowerProtect Data Manager version 19.21.0-11 or later. Instructions for downloading this version are available on the Dell PowerProtect Data Manager Drivers & Downloads page.

Added: Sep 10, 2025, 4:28 PM

Updated: Sep 10, 2025, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

3.0

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

5.0

exploitability

3.0

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell PowerProtect Data Manager Plaintext Password Storage Vulnerability in Hyper-V

Vulnerability

Impact

Remediation

Affected Products

Dell PowerProtect Data Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating