CVE Catalog

CVE-2026-46467

MediumCVSS 5.8
Published: Translated: NVD NIST

Summary

A vulnerability in Dell PowerProtect Data Domain causes insertion of sensitive information into log files. A low-privileged attacker with local access could exploit this flaw to expose confidential data.

Risk Assessment

The risk involves potential leakage of sensitive information such as passwords or keys, which could enable further attacks on the backup infrastructure.

Recommendation

It is recommended to immediately update to the latest version of Dell PowerProtect Data Domain and restrict local system access to trusted users only.

Original NVD description (English source)

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS