Dell PowerProtect Data Domain
Moderate fix7 remedies
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:*:*:*
Moderate fix7 remedies
- >= 7.7.1.0, <= 8.5
- >= 8.3.1.0, <= 8.3.1.20
- >= 7.13.1.0, <= 7.13.1.50
Dell PowerProtect Data Domain Cross-Site Scripting Vulnerability
Vulnerability
Patched
A cross-site scripting vulnerability has been identified in Dell PowerProtect Data Domain appliances running Data Domain Operating System (DD OS) versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, and LTS2024 release versions 7.13.1.0 through 7.13.1.50. This vulnerability allows a high-privileged attacker with remote access to inject scripts, potentially leading to script execution on the victim's browser.
Impact
Exploitation of this vulnerability could allow for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.
Remediation
Users can upgrade to Dell PowerProtect Data Domain DD OS versions 8.6.1.10, 8.7.0.0 or later, or version 7.13.1.70 or later. Instructions for upgrading the Data Domain Operating System are available on the Dell Support website.
Added: Apr 17, 2026, 12:24 PM
Updated: Apr 17, 2026, 12:24 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
5.4exploitability
4.1remediation
7.7relevance
6.1threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.