CVE-2026-46730
MEDIUM
4.2
CVSS 3.1
Description
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized command execution.
Metadata
Severity & Metrics
4.2
MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Dell | PowerProtect Data Domain | — | 0 < 8.8.0.0 or later, 0 < 8.6.1.20 or later, 0 < 8.3.1.40 or later, 0 < 7.13.1.80 or later |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-863 | cna | CWE-863: Incorrect Authorization |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 4.2 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |