4.9

CVE-2025-46676

EPSS 0.02%
Veröffentlicht 09.01.2026 15:48:40
Zuletzt bearbeitet 05.02.2026 13:28:12
Quelle security_alert@emc.com
CVE-Watchlists
Login
Unerledigt
Login

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dell ≫ Data Domain Operating System Version >= 7.7.1.0 < 7.10.1.80

Dell ≫ Data Domain Operating System Version >= 7.13.1.0 < 7.13.1.50

Dell ≫ Data Domain Operating System Version >= 8.3.1.0 < 8.3.1.20

Dell ≫ Data Domain Operating System Version8.4.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.027

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
security_alert@emc.com	2.7	1.2	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-46676

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-46676

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-46676

EUVD