CVE Catalog

CVE-2026-46468

MediumCVSS 4.4
Published: Translated: NVD NIST

Summary

A vulnerability in Dell PowerProtect Data Domain allows a high privileged attacker with local access to exploit improper link resolution before file access, potentially leading to information exposure.

Risk Assessment

The risk involves potential leakage of sensitive data by an attacker with high privileges, which could compromise information security within the organization.

Recommendation

It is recommended to immediately update Dell PowerProtect Data Domain to the latest available version that fixes this vulnerability and restrict local access to the system.

Original NVD description (English source)

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('Link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS