DSA-2024-424: Security Update for Dell PowerProtect DD Vulnerability

Summary: Dell PowerProtect DD remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Additional Details

Version 7.7.5.50, 7.10.1.40, 7.13.1.10, 8.1.0.10 are not compatible with Avamar solutions. Please see below for more details. CVEs of Critical impact is CVE-2022-1996, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2024-23652, CVE-2024-23653, CVE-2019-14889, CVE-2022-29361

Details

Third-Party Component CVEs More information

Apache Tomcat

CVE-2024-24549, CVE-2024-23672

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Avahi

CVE-2023-38472, CVE-2023-38471, CVE-2023-38469

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

containerd

CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

cpio

CVE-2023-7207

See NVD link below for individual scores for CVE. https://nvd.nist.gov/

cryptography

CVE-2023-49083, CVE-2023-50782, CVE-2024-26130

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

curl

CVE-2023-46219, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Buildkit

CVE-2024-23651, CVE-2024-23652, CVE-2024-23653

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

fontTools

CVE-2023-45139

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

GNU Binutils

CVE-2017-16829, CVE-2018-7208, CVE-2022-48064

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Artifex Ghostscript

CVE-2023-46751

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

GNOME GLib

CVE-2021-27219

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

jackson-databind

CVE-2023-35116

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Jasper

CVE-2023-51257

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

LibTIFF

CVE-2022-1210, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Jinja

CVE-2024-22195

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Kernel

CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

less

CVE-2022-48624

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

util-linux

CVE-2024-28085

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Expat

CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

NCurse

CVE-2023-50495

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

nghttp2

CVE-2024-28182

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

OpenSSL

CVE-2023-5678, CVE-2024-0727

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

PostgreSQL

CVE-2024-0985

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Python

CVE-2023-6597, CVE-2024-0450, CVE-2023-52425, CVE-2023-27043, CVE-2023-40217

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libsqlite

CVE-2023-2137

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

libssh

CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

 

libxml

CVE-2023-45322, CVE-2024-25062

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Sqlalchemy mako

CVE-2022-40023

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

netpbm

CVE-2017-5849

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

pam

CVE-2024-22365

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Pillow

CVE-2023-50447, CVE-2024-28219

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

pip

CVE-2023-5752

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

ppp

CVE-2022-4603

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

runc

CVE-2024-21626

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Spring Boot

CVE-2023-34055

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Sudo

CVE-2023-42465

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

GNU tar

CVE-2023-39804

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Thymeleaf

CVE-2023-38286

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

TPM2

CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

W3M

CVE-2023-4255

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Werkzeug

CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

See NVD link below for individual scores for CVE.

https://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-48010 Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-45759 Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system. 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-48011 Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-48010 Dell PowerProtect DD, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to escalation of privilege on the application. 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-45759 Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system config of the application. Exploitation may lead to denial of service of system. 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
CVE-2024-48011 Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVE Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759 , CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS), LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 8.1

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-39804

DD OS 7.13

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.10

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

 Version 7.10.1.40 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.7

Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 8.1

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.8.0.0 through 8.1.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.13

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.10

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE Addressed

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759 , CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS), LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2024-24549, CVE-2024-23672, CVE-2022-32207, CVE-2022-32221, CVE-2023-38545, CVE-2023-23914, CVE-2023-27534, CVE-2023-27533, CVE-2022-42915, CVE-2022-22576, CVE-2023-28319, CVE-2022-27775, CVE-2022-27782, CVE-2022-42916, CVE-2022-43551, CVE-2022-27781, CVE-2022-32206, CVE-2023-23915, CVE-2022-27776, CVE-2023-23916, CVE-2022-43552, CVE-2022-32208, CVE-2023-27535, CVE-2023-27536, CVE-2023-28321, CVE-2023-28320, CVE-2022-27774, CVE-2023-27538, CVE-2022-32205, CVE-2023-28322, CVE-2022-35252, CVE-2023-38546

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS), LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 8.1

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.13

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.10

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2021-27219, CVE-2023-35116, CVE-2024-22195, CVE-2024-25062, CVE-2023-40217, CVE-2023-34055, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455

DD OS 7.7

Dell PowerProtect DD series appliances, Dell PowerProtect DD Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 8.1

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.7.1 through 8.0.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-39804

DD OS 7.13

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.10

Dell PowerProtect DD Management Center, Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

 Version 7.10.1.40 or later

 Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2024-48011, CVE-2023-49083, CVE-2023-50782, CVE-2024-26130, CVE-2023-45139, CVE-2024-22195, CVE-2024-26458, CVE-2024-26461, CVE-2022-48624, CVE-2023-52426, CVE-2022-25313, CVE-2024-28757, CVE-2023-52425, CVE-2023-50495, CVE-2024-28182, CVE-2024-0727, CVE-2024-0985, CVE-2023-6597, CVE-2024-0450, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-2283, CVE-2023-1667, CVE-2024-28085, CVE-2024-22365, CVE-2023-50447, CVE-2024-28219, CVE-2023-5752, CVE-2023-39804

DD OS 7.7

Dell PowerProtect DD Management Center, Data Domain Operating System (DD OS) LTS2022 7.7.5

Versions prior to 7.7.5.50

Version 7.7.5.50 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 8.1

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS)

Versions 7.8.0.0 through 8.1.0.0

Version 8.1.0.0 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.13

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2024 7.13.1

Versions prior to 7.13.1.10

Version 7.13.1.10 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)

CVE-2024-48010, CVE-2024-45759, CVE-2023-38472, CVE-2023-38471, CVE-2023-38469, CVE-2022-1996, CVE-2020-8694, CVE-2020-8695, CVE-2020-12912, CVE-2023-7207, CVE-2023-46218, CVE-2023-46219, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2017-16829, CVE-2018-7208, CVE-2022-48064, CVE-2023-46751, CVE-2023-51257, CVE-2022-1210, CVE-2024-22195, CVE-2023-0461, CVE-2023-5717, CVE-2023-31083, CVE-2023-39197, CVE-2023-39198, CVE-2023-45863, CVE-2023-45871, CVE-2023-20592, CVE-2024-28085, CVE-2024-0985, CVE-2023-27043, CVE-2023-2137, CVE-2019-14889, CVE-2020-1730, CVE-2020-16135, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-6004, CVE-2023-6918, CVE-2023-48795, CVE-2023-45322, CVE-2024-25062, CVE-2022-40023, CVE-2023-5049, CVE-2017-5849, CVE-2023-5678, CVE-2024-0727, CVE-2022-4603, CVE-2023-5752, CVE-2024-21626, CVE-2023-42465, CVE-2022-1622, CVE-2022-40090, CVE-2023-1916, CVE-2023-2731, CVE-2023-26965, CVE-2023-22745, CVE-2021-3565, CVE-2020-24455, CVE-2023-4255, CVE-2023-46136, CVE-2023-25577, CVE-2023-23934, CVE-2022-29361

DD OS 7.10

Dell PowerProtect DD Management Center with SmartScale feature, Data Domain Operating System (DD OS) LTS2023 7.10.1

Versions prior to 7.10.1.40

Version 7.10.1.40 or later

Support for DD OS | Drivers & Downloads (Dell Support login required)
Caution: Version 7.7.5.50, 7.10.1.40, 7.13.1.10, 8.1.0.10 are not compatible with Avamar solutions. Dell will release updated DD OS versions and an updated Dell Security Advisory containing remediation for Avamar customers. For more information, please refer to Avamar: Unable to add or edit Data Domain on recent DDOS and DDVE versions due to certificate restriction. Please follow security best practices to protect your Avamar appliance and monitor this advisory for updates. 
 
Note:
  1. PowerProtect DD: Software Versions : This KB article provides the status of the current active PowerProtect DD Operating System (DD OS) releases, along with links to the release notes. (Requires support.dell.com login to view article).
  2. Some security scanners may still report False Positive findings after upgrading to remediated DDOS versions.
  3. For more details, please refer to the respective False Positive KB articles:

Revision History

Revision

Date

Description

1.0

2024-11-06

Initial Release

2.0

2024-11-23

Updated for enhanced presentation with no changes to content

3.0

2024-11-23

Updated with information regarding compatibility with Avamar

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

Data Domain, DD OS, DD OS 7.10, DD OS 7.13, DD OS 7.7, DD OS 8.1, DD OS Licensed Features, Data Domain Virtual Edition, PowerProtect Data Domain Management Center, Integrated Data Protection Appliance Family
Article Properties
Article Number: 000245360
Article Type: Dell Security Advisory
Last Modified: 23 Nov 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.