Medium severity4.3NVD Advisory· Published Apr 17, 2026· Updated May 5, 2026

CVE-2026-23777

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain an exposure of sensitive information to an unauthorized actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information exposure.

Affected products

Dell/Powerprotect Data Domain
cpe:2.3:a:dell:powerprotect_data_domain:*:*:*:*:lts:*:*:*
Range: >=7.13.1.0,<=7.13.1.50
Dell/Data Domain Operating System
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*
Range: >=7.7.1.0,<=8.5.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilitiesnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000