CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-29987
https://notcve.org/view.php?id=CVE-2025-29987
03 Apr 2025 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. • https://www.dell.com/support/kbdoc/en-us/000300899/dsa-2025-139-dell-technologies-powerprotect-data-domain-security-update-for-a-security-vulnerability • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28974
https://notcve.org/view.php?id=CVE-2024-28974
29 May 2024 — Dell Data Protection Advisor, version(s) 19.9, contain(s) an Inadequate Encryption Strength vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service. Dell Data Protection Advisor, versión(es) 19.9, contiene una vulnerabilidad de fuerza de cifrado inadecuada. Un atacante con pocos privilegios y acceso remoto podría explotar esta vulnerabilidad y provocar una denegación de servicio. • https://www.dell.com/support/kbdoc/en-us/000225088/dsa-2024-192-security-update-for-data-protection-advisor-and-powerprotect-dp-series-appliance-idpa-for-multiple-vulnerabilities • CWE-326: Inadequate Encryption Strength •