Primary

Context

Dell Data Protection Advisor Improper Neutralization of Template Engine Elements Vulnerability

Vulnerability

Patched

A vulnerability exists in Dell Data Protection Advisor (DPA) versions prior to 19.12, related to improper neutralization of special elements used in a template engine within the server component. This vulnerability allows a low-privileged attacker with remote access to potentially exploit the issue, leading to information exposure.

Impact

Exploitation of this vulnerability could result in unauthorized information exposure.

Remediation

Users can upgrade to Dell Data Protection Advisor version 19.12 or later. For versions 19.11 and later, a script is available to remove affected OpenSSL 1.0.2 dependent libraries. This script can be obtained from Dell Customer Support.

Added: Jan 23, 2026, 10:21 AM

Updated: Jan 23, 2026, 10:21 AM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

5.2

remediation

7.7

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

2.5

exploitability

5.2

remediation

7.7

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell Data Protection Advisor Improper Neutralization of Template Engine Elements Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dell Data Protection Advisor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating