ГлавнаяУязвимости → CVE-2025-29987
8.8высокая

CVE-2025-29987

Описание

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a trusted remote client could exploit this vulnerability to execute arbitrary commands with root privileges.

Затрагиваемое ПО
Dell Powerprotect data domainDell Data domain operating systemDell Powerprotect dm5500 firmwareDell Powerprotect dm5500
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.dell.com/support/kbdoc/en-us/000300899/dsa-2025-139-dell-technologies-powerprotect-data-domain-security-update-for-a-security-vulnerability