DSA-2025-139: Dell Technologies PowerProtect Data Domain Security Update for a Security Vulnerability
摘要: Dell Technologies PowerProtect Data Domain remediation is available for a security vulnerability that could be exploited by malicious users to compromise the affected system.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
影响
High
详情
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2025-29987 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
|---|---|---|---|
| CVE-2025-29987 | Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges. | 8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
受影响的产品和补救措施
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|---|---|---|---|---|---|
|
CVE-2025-29987 |
DD OS 8.3 |
Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect Data Domain Operating System (DD OS) |
Versions 7.7.1.0 through 8.3.0.10 |
Version 8.3.0.15 or later |
PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article, |
|
CVE-2025-29987 |
DD OS 7.13.1 |
Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1 |
Versions 7.13.1.0 through 7.13.1.20 |
Version 7.13.1.25 or later |
PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article, |
|
CVE-2025-29987 |
DD OS 7.10.1 |
Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1 |
Versions 7.10.1.0 through 7.10.1.50 |
Version 7.10.1.60 or later |
PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article, |
|
CVE-2025-29987 |
PowerProtect DP Series Appliance (IDPA) |
PowerProtect DP Series Software |
Versions 2.7.6, 2.7.7, and 2.7.8 |
Versions 2.7.6, 2.7.7, and 2.7.8 with DD OS 7.10.1.60 |
|
|
CVE-2025-29987 |
Disk Library for mainframe DLm8500 |
PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 5.4.0.0 or later to upgrade with DD OS 7.10.1.60 |
Version 5.4.0.0 |
Version 5.4.0.0 or later with DD OS 7.10.1.60 |
|
|
CVE-2025-29987 |
Disk Library for mainframe DLm8700 |
PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 7.0.0.0 or later to upgrade with DD OS 7.10.1.60 |
Version 7.0.0.0 |
Version 7.0.0.0 or later with DD OS 7.10.1.60 |
|
| CVE-2025-29987 |
PowerProtect DM5500 |
PowerProtect Data Manager Appliance (DM5500) |
Versions 5.12 through 5.18.0.1 |
Version 5.19.0.0 or later |
|
CVEs Addressed |
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|---|---|---|---|---|---|
|
CVE-2025-29987 |
DD OS 8.3 |
Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Dell PowerProtect Data Domain Operating System (DD OS) |
Versions 7.7.1.0 through 8.3.0.10 |
Version 8.3.0.15 or later |
PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article, |
|
CVE-2025-29987 |
DD OS 7.13.1 |
Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2024 7.13.1 |
Versions 7.13.1.0 through 7.13.1.20 |
Version 7.13.1.25 or later |
PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article, |
|
CVE-2025-29987 |
DD OS 7.10.1 |
Dell PowerProtect Data Domain series appliances, Dell PowerProtect Data Domain Virtual Edition, Dell APEX Protection Storage, Data Domain Operating System (DD OS) LTS2023 7.10.1 |
Versions 7.10.1.0 through 7.10.1.50 |
Version 7.10.1.60 or later |
PowerProtect Data Domain Operating System (DD OS) Active Releases KB Article, |
|
CVE-2025-29987 |
PowerProtect DP Series Appliance (IDPA) |
PowerProtect DP Series Software |
Versions 2.7.6, 2.7.7, and 2.7.8 |
Versions 2.7.6, 2.7.7, and 2.7.8 with DD OS 7.10.1.60 |
|
|
CVE-2025-29987 |
Disk Library for mainframe DLm8500 |
PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 5.4.0.0 or later to upgrade with DD OS 7.10.1.60 |
Version 5.4.0.0 |
Version 5.4.0.0 or later with DD OS 7.10.1.60 |
|
|
CVE-2025-29987 |
Disk Library for mainframe DLm8700 |
PowerProtect Data Domain Operating System (DD OS) leveraged in the Disk Library for Mainframe (DLm) environment; DLm 7.0.0.0 or later to upgrade with DD OS 7.10.1.60 |
Version 7.0.0.0 |
Version 7.0.0.0 or later with DD OS 7.10.1.60 |
|
| CVE-2025-29987 |
PowerProtect DM5500 |
PowerProtect Data Manager Appliance (DM5500) |
Versions 5.12 through 5.18.0.1 |
Version 5.19.0.0 or later |
Caution: PowerProtect DP Series Appliance (IDPA): To remediate this vulnerability PowerProtect DP Series Appliances (IDPA) running versions 2.7.6, 2.7.7, and 2.7.8 must have DD OS upgraded to version 7.10.1.60. For comprehensive upgrade instructions, see the following Knowledge Base (KB) Articles: IDPA: Allowed Point Product Upgrades and PowerProtect Data Protection Appliance, IDPA: Procedure To Upgrade Protection Storage.
Note:
- PowerProtect Data Domain: Software Versions : This KB article provides the status of the current active PowerProtect Data Domain Operating System (DD OS) releases, along with links to the release notes. Requires https://support.dell.com/ login to view article).
- For instructions on how to upgrade PowerProtect Data Domain Operating System (DD OS), see PowerProtect Data Domain and DDVE: How to Upgrade the Data Domain Operating System
- For instructions on how to upgrade PowerProtect Data Domain High Availability (HA) Systems with specific DD OS release versions, see Data Domain: Information on DD OS upgrade to version 7.10.1.60, 7.13.1.25 or 8.3.0.15 on High Availability (HA) systems
- After upgrading to remediated PowerProtect Data Domain DD OS versions, certain security scanners may continue to generate false positive detections. For comprehensive information, see the relevant Knowledge Base (KB) articles on false positives:
修订历史记录
|
Revision |
Date |
Description |
|---|---|---|
|
1.0 |
2025-04-02 |
Initial Release |
|
2.0 |
2025-04-02 |
Updated for enhanced presentation with no changes to content |
| 3.0 | 2025-04-02 | Updated caution note details for IDPA, DD OS upgrade version is 7.10.1.60. |
| 4.0 | 2025-04-03 | Updated upgrade links for DD OS and IDPA, added IDPA upgrade instructional KB Articles. |
| 5.0 | 2025-04-03 | Updated Affected Products and Remediation section for PowerProtect DP Series Appliance (IDPA) upgrade instructions |
| 6.0 | 2025-04-04 | Updated the Affected Products and Remediation section: Added Disk Library for mainframe DLm8700 and Disk Library for mainframe DLm8500 upgrade details. |
| 7.0 | 2025-04-07 | Updated the Affected Products and Remediation section: Added PowerProtect DM5500 |
| 8.0 | 2025-04-28 | Updated Notes to include High Availability (HA) systems upgrade instruction link. |
| 9.0 | 2025-05-01 | Updated versioning for DM5500 |
相关信息
法律免责声明
受影响的产品
Data Domain, PowerProtect Data Protection Appliance, Disk Library, DD3300 Appliance, Data Domain Deduplication Storage Systems, DD OS, DD OS 7.10, DD OS 7.13, DD OS 7.8, DD OS 7.9, DD OS 8.1, DD OS 8.3, DD OS 8.0, DD OS Licensed Features
, Data Domain Virtual Edition, DD6300 Appliance, DD6400 Appliance, DD6800 Appliance, DD6900 Appliance, DD9300 Appliance, DD9400 Appliance, DD9410 Appliance, DD9800 Appliance, DD990 Appliance, DD9910 Appliance, Disk Library for mainframe DLm8500, Disk Library for mainframe DLm8700, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, Integrated Data Protection Appliance Software, PowerProtect DM5500
...
产品
PowerProtect Data Manager Appliance文章属性
文章编号: 000300899
文章类型: Dell Security Advisory
上次修改时间: 01 5月 2025
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。