Vulnerability Details CVE-2026-22266
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.4%
CVSS Severity
CVSS v3 Score 4.7
Products affected by CVE-2026-22266
-
cpe:2.3:a:dell:powerprotect_data_manager:-
-
cpe:2.3:a:dell:powerprotect_data_manager:1.0
-
cpe:2.3:a:dell:powerprotect_data_manager:1.1
-
cpe:2.3:a:dell:powerprotect_data_manager:19.1
-
cpe:2.3:a:dell:powerprotect_data_manager:19.10
-
cpe:2.3:a:dell:powerprotect_data_manager:19.11
-
cpe:2.3:a:dell:powerprotect_data_manager:19.12
-
cpe:2.3:a:dell:powerprotect_data_manager:19.13
-
cpe:2.3:a:dell:powerprotect_data_manager:19.14
-
cpe:2.3:a:dell:powerprotect_data_manager:19.15
-
cpe:2.3:a:dell:powerprotect_data_manager:19.16
-
cpe:2.3:a:dell:powerprotect_data_manager:19.17
-
cpe:2.3:a:dell:powerprotect_data_manager:19.18
-
cpe:2.3:a:dell:powerprotect_data_manager:19.19
-
cpe:2.3:a:dell:powerprotect_data_manager:19.2
-
cpe:2.3:a:dell:powerprotect_data_manager:19.20
-
cpe:2.3:a:dell:powerprotect_data_manager:19.21
-
cpe:2.3:a:dell:powerprotect_data_manager:19.3
-
cpe:2.3:a:dell:powerprotect_data_manager:19.4
-
cpe:2.3:a:dell:powerprotect_data_manager:19.5
-
cpe:2.3:a:dell:powerprotect_data_manager:19.6
-
cpe:2.3:a:dell:powerprotect_data_manager:19.7
-
cpe:2.3:a:dell:powerprotect_data_manager:19.8
-
cpe:2.3:a:dell:powerprotect_data_manager:19.9
-
cpe:2.3:a:dell:powerprotect_data_manager:2.0
-
cpe:2.3:a:dell:powerprotect_data_manager:2.1