Vulnerability Details CVE-2025-43889
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4, LTS2024 release Versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.4%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2025-43889
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.30
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.40
-
cpe:2.3:o:dell:data_domain_operating_system:7.10.1.50
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.10
-
cpe:2.3:o:dell:data_domain_operating_system:7.13.1.20
-
cpe:2.3:o:dell:data_domain_operating_system:7.7.1.0
-
cpe:2.3:o:dell:data_domain_operating_system:7.7.5.40
-
cpe:2.3:o:dell:data_domain_operating_system:7.7.5.50
-
cpe:2.3:o:dell:data_domain_operating_system:7.8.0.0
-
cpe:2.3:o:dell:data_domain_operating_system:8.1.0.0
-
cpe:2.3:o:dell:data_domain_operating_system:8.1.0.10
-
cpe:2.3:o:dell:data_domain_operating_system:8.3.0.0