Dell Powerprotect Data Manager
By the Year
In 2024 there have been 2 vulnerabilities in Dell Powerprotect Data Manager with an average score of 8.0 out of ten. Last year Powerprotect Data Manager had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2024 as compared to last year. Last year, the average CVE base score was greater by 0.80
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 2 | 8.00 |
2023 | 1 | 8.80 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Powerprotect Data Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Powerprotect Data Manager Security Vulnerabilities
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability
CVE-2024-22445
7.2 - High
- February 13, 2024
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
Shell injection
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords
CVE-2024-22454
8.8 - High
- February 13, 2024
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change
Weak Password Recovery Mechanism for Forgotten Password
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability
CVE-2023-28062
8.8 - High
- April 11, 2023
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Powerprotect Data Manager or by Dell? Click the Watch button to subscribe.