8.8
CVE-2026-23776
- EPSS 0.01%
- Veröffentlicht 17.04.2026 08:56:41
- Zuletzt bearbeitet 20.04.2026 18:17:46
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain(s) an Improper Certificate Validation vulnerability in certificate-based login. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Powerprotect Dp Series Appliance Version < 2.7.9
Dell ≫ Data Domain Operating System Version >= 7.7.1.0 < 7.13.1.70
Dell ≫ Data Domain Operating System Version >= 7.14.0.0 < 8.3.1.30
Dell ≫ Data Domain Operating System Version >= 8.4.0.0 < 8.6.0.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.013 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security_alert@emc.com | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.