CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22475
https://notcve.org/view.php?id=CVE-2025-22475
04 Feb 2025 — Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentially exploit this vulnerability, leading to Information tampering. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-53295
https://notcve.org/view.php?id=CVE-2024-53295
01 Feb 2025 — Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper access control vulnerability. A local malicious user with low privileges could potentially exploit this vulnerability leading to escalation of privilege. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-51534
https://notcve.org/view.php?id=CVE-2024-51534
01 Feb 2025 — Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path traversal vulnerability. A local low privileged could potentially exploit this vulnerability to gain unauthorized overwrite of OS files stored on the server filesystem. Exploitation could lead to denial of service. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-29: Path Traversal: '\..\filename' •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-53296
https://notcve.org/view.php?id=CVE-2024-53296
01 Feb 2025 — Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. • https://www.dell.com/support/kbdoc/en-us/000279157/dsa-2025-022-security-update-for-dell-powerprotect-dd-multiple-vulnerabilities • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-48010
https://notcve.org/view.php?id=CVE-2024-48010
08 Nov 2024 — Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. • https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability • CWE-284: Improper Access Control •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45759
https://notcve.org/view.php?id=CVE-2024-45759
08 Nov 2024 — Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system. • https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability • CWE-266: Incorrect Privilege Assignment •