VYPR

Powerprotect Data Manager

by Dell

CVEs (21)

  • CVE-2025-43888HigSep 10, 2025
    risk 0.57cvss 8.8epss 0.00

    Dell PowerProtect Data Manager, Hyper-V, version(s) 19.19 and 19.20, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

  • CVE-2024-22454HigFeb 13, 2024
    risk 0.57cvss 8.8epss 0.01

    Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with…

  • CVE-2023-44304HigDec 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance.

  • CVE-2023-28062HigApr 11, 2023
    risk 0.57cvss 8.8epss 0.01

    Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.

  • CVE-2025-43884HigSep 10, 2025
    risk 0.53cvss 8.2epss 0.00

    Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability,…

  • CVE-2023-44305HigDec 4, 2023
    risk 0.53cvss 8.1epss 0.01

    Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.

  • CVE-2023-44302HigDec 4, 2023
    risk 0.53cvss 8.1epss 0.01

    Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access of resources or functionality that could possibly lead to execute arbitrary code.

  • CVE-2025-43885HigSep 10, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability,…

  • CVE-2025-43725HigSep 10, 2025
    risk 0.51cvss 7.8epss 0.00

    Dell PowerProtect Data Manager, Generic Application Agent, version(s) 19.19 and 19.20, contain(s) an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

  • CVE-2020-5356HigJul 6, 2020
    risk 0.50cvss 7.7epss 0.01

    Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user may download any file from the affected PowerProtect virtual machines.

  • CVE-2024-22445HigFeb 13, 2024
    risk 0.47cvss 7.2epss 0.01

    Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS,…

  • CVE-2023-44291HigDec 4, 2023
    risk 0.47cvss 7.2epss 0.02

    Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the underlying OS, with the privileges of the…

  • CVE-2025-43887HigSep 10, 2025
    risk 0.46cvss 7.0epss 0.00

    Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

  • CVE-2025-30480MedJul 30, 2025
    risk 0.42cvss 6.5epss 0.00

    Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation vulnerability in PowerProtect Data Manager. A low privileged attacker with remote access could potentially exploit this vulnerability to read arbitrary files.

  • CVE-2023-44306MedDec 4, 2023
    risk 0.42cvss 6.5epss 0.01

    Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite configuration files stored on the server filesystem.

  • CVE-2024-25971MedMar 28, 2024
    risk 0.36cvss 5.5epss 0.01

    Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.

  • CVE-2023-44300MedDec 4, 2023
    risk 0.36cvss 5.5epss 0.00

    Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials. The attacker may be able to use the exposed…

  • CVE-2023-44301MedDec 4, 2023
    risk 0.35cvss 5.4epss 0.00

    Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the…

  • CVE-2025-43938MedSep 10, 2025
    risk 0.33cvss 5.0epss 0.00

    Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The…

  • CVE-2025-43886MedSep 10, 2025
    risk 0.29cvss 4.4epss 0.00

    Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Path Traversal: '.../...//' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.

Page 1 of 2