DSA-2025-333: Security Update for Dell PowerProtect Data Domain Multiple Vulnerabilities

Résumé: Dell PowerProtect Data Domain remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Cet article concerne Cet article ne concerne pas Cet article n’est associé à aucun produit spécifique. Toutes les versions du produit ne sont pas identifiées dans cet article.
Consulter d’autres ressources

Impact

High

Détails

Third-Party Component

CVEs

More Information

IDRAC9

CVE-2025-22397

DSA-2025-376

BASFE SSL-J

CVE-2024-29171, CVE-2024-29172

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Bind

CVE-2024-11187

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Certifi

CVE-2024-39689

 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

configobj

CVE-2023-26112

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Cpython

CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923, CVE-2022-40899

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

CPython "venv"

CVE-2024-9287

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

curl

CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

FreeType

CVE-2025-27363

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Glib

CVE-2024-34397

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

GNOME Glib

CVE-2024-52533

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

GNU C Library

CVE-2025-0395

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

grub2

CVE-2025-1125, CVE-2025-1118, CVE-2025-0690, CVE-2025-0689, CVE-2025-0686, CVE-2025-0685, CVE-2025-0684, CVE-2025-0678, CVE-2025-0677, CVE-2025-0624, CVE-2025-0622, CVE-2024-56737, CVE-2024-45783, CVE-2024-45782, CVE-2024-45781, CVE-2024-45780, CVE-2024-45779, CVE-2024-45778, CVE-2024-45777, CVE-2024-45776, CVE-2024-45775, CVE-2024-45774

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

HTTP/2

CVE-2023-44487

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Jinja

CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Kernel

CVE-2021-22543, CVE-2021-37159, CVE-2021-47634, CVE-2021-47644, CVE-2022-2991, CVE-2022-48636, CVE-2022-48650, CVE-2022-48664, CVE-2022-48953, CVE-2022-48975, CVE-2022-49006, CVE-2022-49076, CVE-2022-49080, CVE-2022-49089, CVE-2022-49124, CVE-2022-49134, CVE-2022-49135, CVE-2022-49151, CVE-2022-49178, CVE-2022-49182, CVE-2022-49201, CVE-2022-49247, CVE-2022-49490, CVE-2022-49626, CVE-2022-49661, CVE-2023-0394, CVE-2023-6606, CVE-2023-52572, CVE-2023-52646, CVE-2023-52653, CVE-2023-52853, CVE-2023-52924, CVE-2024-23307, CVE-2024-26810, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-27054, CVE-2024-27388, CVE-2024-27397, CVE-2024-47701, CVE-2024-49867, CVE-2024-49884, CVE-2024-49950, CVE-2024-49963, CVE-2024-49975, CVE-2024-50036, CVE-2024-50067, CVE-2024-50073, CVE-2024-50115, CVE-2024-50251, CVE-2024-50304, CVE-2024-53173, CVE-2024-53217, CVE-2024-53239, CVE-2024-56539, CVE-2024-56605, CVE-2024-56633, CVE-2024-56647, CVE-2024-56658, CVE-2024-56688, CVE-2024-57896, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21690, CVE-2025-21700, CVE-2025-21753, CVE-2024-56533, CVE-2024-56532, CVE-2024-56369, CVE-2024-55916, CVE-2024-53227, CVE-2024-53197, CVE-2024-53185, CVE-2024-53155, CVE-2024-52332, CVE-2024-50142, CVE-2024-49948, CVE-2024-48881, CVE-2024-47809, CVE-2024-26644, CVE-2021-47223, CVE-2021-47222, CVE-2024-57890, CVE-2024-57884, CVE-2024-56769, CVE-2024-56763, CVE-2024-56759, CVE-2024-56748, CVE-2024-56747, CVE-2024-56739, CVE-2024-56722, CVE-2024-56700, CVE-2024-56681, CVE-2024-56662, CVE-2024-56661, CVE-2024-56650, CVE-2024-56643, CVE-2024-56641, CVE-2024-56637, CVE-2024-56630, CVE-2024-56623, CVE-2024-56615, CVE-2024-56601, CVE-2024-56600, CVE-2024-56594, CVE-2024-56593, CVE-2024-56574, CVE-2021-46936, CVE-2021-47163, CVE-2021-47416, CVE-2021-47612, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48809, CVE-2022-48946, CVE-2022-48949, CVE-2022-48951, CVE-2022-48956, CVE-2022-48958, CVE-2022-48960, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48969, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48978, CVE-2022-48985, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48997, CVE-2022-49000, CVE-2022-49002, CVE-2024-50033, CVE-2024-50035, CVE-2024-50045, CVE-2024-50047, CVE-2024-50058, CVE-2025-21682, CVE-2025-21678, CVE-2025-21664, CVE-2025-21653, CVE-2024-57938, CVE-2024-57932, CVE-2024-57931, CVE-2024-57929, CVE-2024-57922, CVE-2024-57903, CVE-2024-57899, CVE-2025-21673 , CVE-2025-21689 , CVE-2024-56548

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libexpat1

CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libtasn1

CVE-2024-12133

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

libxml2

CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

NGINX

CVE-2024-7347

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

OpenSSL

CVE-2024-5535, CVE-2023-50782, CVE-2024-2511, CVE-2024-13176

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

OpenTelemetry-Go

CVE-2023-45142, CVE-2023-47108, CVE-2024-41110

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

PostgreSQL libpq

CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

ps utility

CVE-2023-4016

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Requests

CVE-2024-35195, CVE-2023-32681

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

rsync

CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

setuptools

CVE-2024-6345

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

sqlite

CVE-2023-7104

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Sudo

CVE-2021-3156

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

systemd-resolved

CVE-2023-7008

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

ucode-intel

CVE-2024-31068, CVE-2024-36293, CVE-2024-37020, CVE-2024-39355, CVE-2024-21820, CVE-2024-21853, CVE-2024-23918

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

urllib3

CVE-2024-37891

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

WEBrick toolkit

CVE-2024-47220

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

X.Org and Xwayland

CVE-2025-26597

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

xz

CVE-2024-47611, CVE-2020-22916

https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-43914

Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

7.5

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43890

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43906

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43911

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43907

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43908

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43934

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

6.0

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43889

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43891

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43912

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43913

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

5.3

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-45375

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

4.4

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43905

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

4.3

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43909

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43910

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

2.3

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-43914

Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

7.5

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43890

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43906

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43911

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43907

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Path Traversal: '.../...//' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43908

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.

6.4

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43934

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Unauthorized access.

6.0

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43889

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43891

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an use of a Broken or Risky Cryptographic Algorithm vulnerability in the Authentication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43912

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43913

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DDOS. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

5.3

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-45375

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

4.4

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43905

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.

4.3

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43909

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Use of a Broken or Risky Cryptographic Algorithm vulnerability in the DD boost. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.

3.7

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

CVE-2025-43910

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer Overflow vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

2.3

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommande à tous les clients de prendre en compte à la fois le score de base CVSS et les scores temporels et environnementaux pertinents qui peuvent avoir un impact sur la gravité potentielle associée à une faille de sécurité donnée.

Produits concernés et mesure corrective

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-22397

DD OS 8.4

Dell PowerProtect Data Domain series appliances

Versions 7.7.1.0 through 8.4.0.0

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DDOS 7.10.1

Dell PowerProtect Data Domain series appliances

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43889

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.4.0.0

Version 8.5.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43914

DD OS 8.4

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 8.3.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 7.13.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DDOS 7.10.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Boost – File System | Dell US

CVE-2024-29171,  CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899, CVE-2024-7592, CVE-2024-2511, CVE-2024-37891, CVE-2023-32681, CVE-2024-47611, CVE-2024-6232, CVE-2020-22916, CVE-2024-3219, CVE-2024-6923, CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899,CVE-2024-7592, CVE-2024-2511,CVE-2024-37891,CVE-2023-32681,CVE-2024-47611,CVE-2024-6232,CVE-2020-22916,CVE-2024-3219,CVE-2024-6923,CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891,CVE-2025-43912,CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890 ,CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2025 8.3.1

Version 8.3.1.0

Version 8.3.1.10 or later

 Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977 ,CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906,  CVE-2025-43908, CVE-2025-43910

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-27516, CVE-2025-27363, CVE-2025-27113, CVE-2025-26597, CVE-2025-26465, CVE-2025-24928, CVE-2025-24528, CVE-2025-21753, CVE-2025-21700, CVE-2025-21690, CVE-2025-21689, CVE-2025-21682, CVE-2025-21678, CVE-2025-21673, CVE-2025-21664, CVE-2025-21653, CVE-2025-21640, CVE-2025-21639, CVE-2025-21638, CVE-2025-1125, CVE-2025-1118, CVE-2025-1094, CVE-2025-0725, CVE-2025-0690, CVE-2025-0689, CVE-2025-0686, CVE-2025-0685, CVE-2025-0684, CVE-2025-0678, CVE-2025-0677, CVE-2025-0624, CVE-2025-0622, CVE-2025-0395, CVE-2025-0167, CVE-2024-9681, CVE-2024-9287, CVE-2024-9143, CVE-2024-7347, CVE-2024-57938, CVE-2024-57932, CVE-2024-57931, CVE-2024-57929, CVE-2024-57922, CVE-2024-57903, CVE-2024-57899, CVE-2024-57896, CVE-2024-57890, CVE-2024-57884, CVE-2024-56769, CVE-2024-56763, CVE-2024-56759, CVE-2024-56748, CVE-2024-56747, CVE-2024-56739, CVE-2024-56737, CVE-2024-56722, CVE-2024-56700, CVE-2024-56688, CVE-2024-56681, CVE-2024-56662, CVE-2024-56661, CVE-2024-56658, CVE-2024-56650, CVE-2024-56647, CVE-2024-56643, CVE-2024-56641, CVE-2024-56637, CVE-2024-56633, CVE-2024-56630, CVE-2024-56623, CVE-2024-56615, CVE-2024-56605, CVE-2024-56601, CVE-2024-56600, CVE-2024-56594, CVE-2024-56593, CVE-2024-56574, CVE-2024-56548, CVE-2024-56539, CVE-2024-56533, CVE-2024-56532, CVE-2024-56369, CVE-2024-56326, CVE-2024-56201, CVE-2024-56171, CVE-2024-55916, CVE-2024-5535, CVE-2024-53239, CVE-2024-53227, CVE-2024-53217, CVE-2024-53197, CVE-2024-53185, CVE-2024-53173, CVE-2024-53155, CVE-2024-52533, CVE-2024-52332, CVE-2024-50602, CVE-2024-50304, CVE-2024-50251, CVE-2024-50142, CVE-2024-50115, CVE-2024-50073, CVE-2024-50067, CVE-2024-50058, CVE-2024-50047, CVE-2024-50045, CVE-2024-50036, CVE-2024-50035, CVE-2024-50033, CVE-2024-49975, CVE-2024-49963, CVE-2024-49950, CVE-2024-49948, CVE-2024-49884, CVE-2024-49867, CVE-2024-48881, CVE-2024-47809, CVE-2024-47701, CVE-2024-47220, CVE-2024-45783, CVE-2024-45782, CVE-2024-45781, CVE-2024-45780, CVE-2024-45779, CVE-2024-45778, CVE-2024-45777, CVE-2024-45776, CVE-2024-45775, CVE-2024-45774, CVE-2024-45492, CVE-2024-45491, CVE-2024-45490, CVE-2024-41110, CVE-2024-39355, CVE-2024-37020, CVE-2024-36293, CVE-2024-34459, CVE-2024-34397, CVE-2024-34064, CVE-2024-31068, CVE-2024-29172, CVE-2024-29171, CVE-2024-27397, CVE-2024-27388, CVE-2024-27054, CVE-2024-26931, CVE-2024-26930, CVE-2024-26929, CVE-2024-26810, CVE-2024-26644, CVE-2024-2511, CVE-2024-23918, CVE-2024-23307, CVE-2024-22195, CVE-2024-21853, CVE-2024-21820, CVE-2024-13176, CVE-2024-12747, CVE-2024-12133, CVE-2024-12088, CVE-2024-12087, CVE-2024-12086, CVE-2024-12085, CVE-2024-11187, CVE-2024-11053, CVE-2024-10979, CVE-2024-10978, CVE-2024-10977, CVE-2024-10976, CVE-2023-7008, CVE-2023-6606, CVE-2023-52924, CVE-2023-52853, CVE-2023-52653, CVE-2023-52646, CVE-2023-52572, CVE-2023-50782, CVE-2023-47108, CVE-2023-45142, CVE-2023-44487, CVE-2023-4016, CVE-2023-26112, CVE-2023-0394, CVE-2022-49661, CVE-2022-49626, CVE-2022-49490, CVE-2022-49247, CVE-2022-49201, CVE-2022-49182, CVE-2022-49178, CVE-2022-49151, CVE-2022-49135, CVE-2022-49134, CVE-2022-49124, CVE-2022-49089, CVE-2022-49080, CVE-2022-49076, CVE-2022-49043, CVE-2022-49006, CVE-2022-49002, CVE-2022-49000, CVE-2022-48997, CVE-2022-48992, CVE-2022-48991, CVE-2022-48988, CVE-2022-48985, CVE-2022-48978, CVE-2022-48975, CVE-2022-48973, CVE-2022-48972, CVE-2022-48971, CVE-2022-48969, CVE-2022-48967, CVE-2022-48966, CVE-2022-48962, CVE-2022-48960, CVE-2022-48958, CVE-2022-48956, CVE-2022-48953, CVE-2022-48951, CVE-2022-48949, CVE-2022-48946, CVE-2022-48809, CVE-2022-48790, CVE-2022-48789, CVE-2022-48788, CVE-2022-48664, CVE-2022-48650, CVE-2022-48636, CVE-2022-2991, CVE-2021-47644, CVE-2021-47634, CVE-2021-47612, CVE-2021-47416, CVE-2021-47223, CVE-2021-47222, CVE-2021-47163, CVE-2021-46936, CVE-2021-37159, CVE-2021-3156, CVE-2021-22543

DD OS 8.4

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVEs Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2025-22397

DD OS 8.4

Dell PowerProtect Data Domain series appliances

Versions 7.7.1.0 through 8.4.0.0

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-22397

DDOS 7.10.1

Dell PowerProtect Data Domain series appliances

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43889

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, Dell APEX Protection Storage, and Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.4.0.0

Version 8.5.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2025-43914

DD OS 8.4

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 8.3.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DD OS 7.13.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Boost – File System | Dell US

CVE-2025-43914

DDOS 7.10.1

Dell PowerProtect Data Domain boostFS for Linux Ubuntu systems with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Boost – File System | Dell US

CVE-2024-29171,  CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899, CVE-2024-7592, CVE-2024-2511, CVE-2024-37891, CVE-2023-32681, CVE-2024-47611, CVE-2024-6232, CVE-2020-22916, CVE-2024-3219, CVE-2024-6923, CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-39689, CVE-2025-27687, CVE-2024-35195, CVE-2022-40899,CVE-2024-7592, CVE-2024-2511,CVE-2024-37891,CVE-2023-32681,CVE-2024-47611,CVE-2024-6232,CVE-2020-22916,CVE-2024-3219,CVE-2024-6923,CVE-2024-6345, CVE-2023-7104, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891,CVE-2025-43912,CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2025 8.3.1

Versions 8.3.1.0

Version 8.3.1.10 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890, CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.13.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43890 ,CVE-2025-43906, CVE-2025-43911, CVE-2025-43907, CVE-2025-43908, CVE-2025-43934, CVE-2025-43891, CVE-2025-43912, CVE-2025-43913, CVE-2025-45375, CVE-2025-43905, CVE-2025-43909, CVE-2025-43910, CVE-2025-43889

DD OS 7.10.1

Dell PowerProtect Data Domain series appliances, Data Domain Virtual Edition, and Dell APEX Protection Storage with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for Data Domain Deduplication Storage Systems (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.4

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 8.3.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2025 8.3.1

Version 8.3.1.0

Version 8.3.1.10 or later

 Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977, CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906, CVE-2025-43908, CVE-2025-43910

DD OS 7.13.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions 7.13.1.0 through 7.13.1.30

Version 7.13.1.40 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2024-29171, CVE-2024-29172, CVE-2023-26112, CVE-2024-9681, CVE-2024-11053, CVE-2025-0725, CVE-2025-0167, CVE-2025-0395, CVE-2024-56326, CVE-2024-56201, CVE-2025-27516, CVE-2024-34064, CVE-2024-22195, CVE-2024-50602, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-34397, CVE-2024-13176, CVE-2025-1094, CVE-2024-10976, CVE-2024-10977 ,CVE-2024-10978, CVE-2024-10979, CVE-2023-4016, CVE-2024-9287, CVE-2024-12133, CVE-2023-7008, CVE-2025-26597, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2022-49043, CVE-2024-34459, CVE-2023-44487, CVE-2024-7347, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747, CVE-2025-43914, CVE-2025-43889, CVE-2025-43890, CVE-2025-43891, CVE-2025-43906,  CVE-2025-43908, CVE-2025-43910

DD OS 7.10.1

Dell PowerProtect Data Domain Management Center with Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions 7.10.1.0 through 7.10.1.60

Version 7.10.1.70 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)

CVE-2025-27516, CVE-2025-27363, CVE-2025-27113, CVE-2025-26597, CVE-2025-26465, CVE-2025-24928, CVE-2025-24528, CVE-2025-21753, CVE-2025-21700, CVE-2025-21690, CVE-2025-21689, CVE-2025-21682, CVE-2025-21678, CVE-2025-21673, CVE-2025-21664, CVE-2025-21653, CVE-2025-21640, CVE-2025-21639, CVE-2025-21638, CVE-2025-1125, CVE-2025-1118, CVE-2025-1094, CVE-2025-0725, CVE-2025-0690, CVE-2025-0689, CVE-2025-0686, CVE-2025-0685, CVE-2025-0684, CVE-2025-0678, CVE-2025-0677, CVE-2025-0624, CVE-2025-0622, CVE-2025-0395, CVE-2025-0167, CVE-2024-9681, CVE-2024-9287, CVE-2024-9143, CVE-2024-7347, CVE-2024-57938, CVE-2024-57932, CVE-2024-57931, CVE-2024-57929, CVE-2024-57922, CVE-2024-57903, CVE-2024-57899, CVE-2024-57896, CVE-2024-57890, CVE-2024-57884, CVE-2024-56769, CVE-2024-56763, CVE-2024-56759, CVE-2024-56748, CVE-2024-56747, CVE-2024-56739, CVE-2024-56737, CVE-2024-56722, CVE-2024-56700, CVE-2024-56688, CVE-2024-56681, CVE-2024-56662, CVE-2024-56661, CVE-2024-56658, CVE-2024-56650, CVE-2024-56647, CVE-2024-56643, CVE-2024-56641, CVE-2024-56637, CVE-2024-56633, CVE-2024-56630, CVE-2024-56623, CVE-2024-56615, CVE-2024-56605, CVE-2024-56601, CVE-2024-56600, CVE-2024-56594, CVE-2024-56593, CVE-2024-56574, CVE-2024-56548, CVE-2024-56539, CVE-2024-56533, CVE-2024-56532, CVE-2024-56369, CVE-2024-56326, CVE-2024-56201, CVE-2024-56171, CVE-2024-55916, CVE-2024-5535, CVE-2024-53239, CVE-2024-53227, CVE-2024-53217, CVE-2024-53197, CVE-2024-53185, CVE-2024-53173, CVE-2024-53155, CVE-2024-52533, CVE-2024-52332, CVE-2024-50602, CVE-2024-50304, CVE-2024-50251, CVE-2024-50142, CVE-2024-50115, CVE-2024-50073, CVE-2024-50067, CVE-2024-50058, CVE-2024-50047, CVE-2024-50045, CVE-2024-50036, CVE-2024-50035, CVE-2024-50033, CVE-2024-49975, CVE-2024-49963, CVE-2024-49950, CVE-2024-49948, CVE-2024-49884, CVE-2024-49867, CVE-2024-48881, CVE-2024-47809, CVE-2024-47701, CVE-2024-47220, CVE-2024-45783, CVE-2024-45782, CVE-2024-45781, CVE-2024-45780, CVE-2024-45779, CVE-2024-45778, CVE-2024-45777, CVE-2024-45776, CVE-2024-45775, CVE-2024-45774, CVE-2024-45492, CVE-2024-45491, CVE-2024-45490, CVE-2024-41110, CVE-2024-39355, CVE-2024-37020, CVE-2024-36293, CVE-2024-34459, CVE-2024-34397, CVE-2024-34064, CVE-2024-31068, CVE-2024-29172, CVE-2024-29171, CVE-2024-27397, CVE-2024-27388, CVE-2024-27054, CVE-2024-26931, CVE-2024-26930, CVE-2024-26929, CVE-2024-26810, CVE-2024-26644, CVE-2024-2511, CVE-2024-23918, CVE-2024-23307, CVE-2024-22195, CVE-2024-21853, CVE-2024-21820, CVE-2024-13176, CVE-2024-12747, CVE-2024-12133, CVE-2024-12088, CVE-2024-12087, CVE-2024-12086, CVE-2024-12085, CVE-2024-11187, CVE-2024-11053, CVE-2024-10979, CVE-2024-10978, CVE-2024-10977, CVE-2024-10976, CVE-2023-7008, CVE-2023-6606, CVE-2023-52924, CVE-2023-52853, CVE-2023-52653, CVE-2023-52646, CVE-2023-52572, CVE-2023-50782, CVE-2023-47108, CVE-2023-45142, CVE-2023-44487, CVE-2023-4016, CVE-2023-26112, CVE-2023-0394, CVE-2022-49661, CVE-2022-49626, CVE-2022-49490, CVE-2022-49247, CVE-2022-49201, CVE-2022-49182, CVE-2022-49178, CVE-2022-49151, CVE-2022-49135, CVE-2022-49134, CVE-2022-49124, CVE-2022-49089, CVE-2022-49080, CVE-2022-49076, CVE-2022-49043, CVE-2022-49006, CVE-2022-49002, CVE-2022-49000, CVE-2022-48997, CVE-2022-48992, CVE-2022-48991, CVE-2022-48988, CVE-2022-48985, CVE-2022-48978, CVE-2022-48975, CVE-2022-48973, CVE-2022-48972, CVE-2022-48971, CVE-2022-48969, CVE-2022-48967, CVE-2022-48966, CVE-2022-48962, CVE-2022-48960, CVE-2022-48958, CVE-2022-48956, CVE-2022-48953, CVE-2022-48951, CVE-2022-48949, CVE-2022-48946, CVE-2022-48809, CVE-2022-48790, CVE-2022-48789, CVE-2022-48788, CVE-2022-48664, CVE-2022-48650, CVE-2022-48636, CVE-2022-2991, CVE-2021-47644, CVE-2021-47634, CVE-2021-47612, CVE-2021-47416, CVE-2021-47223, CVE-2021-47222, CVE-2021-47163, CVE-2021-46936, CVE-2021-37159, CVE-2021-3156, CVE-2021-22543

DD OS 8.4

Dell PowerProtect Data Domain Management Center with SmartScale feature with Data Domain Operating System (DD OS) Feature Release

Versions 7.7.1.0 through 8.3.0.15

Version 8.4.0.0 or later

Support for PowerProtect Data Domain Management Center (Dell Support login required)
Note:

Historique des révisions

Revision

Date

Description

1.0

2025-10-01

Initial Release

2.0

2025-10-07

Updated Proprietary Code section — revised CVSS Base Score to 6.4 for CVE-2025-43908

3.0

2025-10-24

Updated for clarity with no major changes to content

4.0

2025-11-11

Updated Third Party Components and Affected Products and Remediation section: CVE-2025-22397

5.0

2025-12-02

Updated Affected Products and Remediation section: removed duplicate CVE ID: CVE-2020-13936

Informations connexes

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Mention légale

Produits concernés

Data Domain, Data Domain Boost – File System, Data Domain Boost - Open Storage, Data Domain Deduplication Storage Systems, Data Domain Encryption, Data Domain Extended Retention, Data Domain Replicator, Data Domain Retention Lock , Data Domain Virtual Tape Library, Data Domain Virtual Tape Library for IBM I/OS, DD OS, DD OS 7.10, DD OS 7.11, DD OS 7.12, DD OS 7.13, DD OS 8.1, DD OS 8.3, DD OS 8.4, DD OS 8.5, DD OS 8.0, DD OS Licensed Features, Data Domain Virtual Edition, PowerProtect Data Domain Management Center, PowerProtect Data Domain All-Flash Ready Node ...
Propriétés de l’article
Numéro d’article: 000376224
Type d’article: Dell Security Advisory
Dernière modification: 03 déc. 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.