Description
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 an improper authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
Problem types
CWE-287: Improper Authentication
Product status
Any version before 8.8.0.0 or later
Any version before 8.6.1.20 or later
Any version before 8.3.1.40 or later
Any version before 7.13.1.80 or later
Credits
Dell would like to thank Ahmed Y. Elmogy for reporting these issues.
References
www.dell.com/...protect-data-domain-multiple-vulnerabilities