Unrated severityNVD Advisory· Published Oct 7, 2025· Updated Oct 7, 2025
CVE-2025-43889
CVE-2025-43889
Description
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: 7.7.1.0 through 8.4 (Feature Release), 7.13.1.0 through 7.13.1.30 (LTS2024), 7.10.1.0 through 7.10.1.60 (LTS2023)
- Dell/PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2023v5Range: 7.10.1.0
- Dell/PowerProtect Data Domain with Data Domain Operating System (DD OS) LTS2024v5Range: 7.13.1.0
- Dell/PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Releasev5Range: 7.7.1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.