VDB

CVE-2026-23776

CVE-2026-23776 PUBLISHED CVSS 7.199999809265137 HIGH

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain(s) an Improper Certificate Validation vulnerability in certificate-based login. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

EPSS 0.01% · 1.8th percentile

Risk Scores

CVSS v3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.01%
1.8th percentile

Affected Products

VendorProductVersions
DellPowerProtect Data Domain0, 0, 0

Timeline

  • Apr 17, 2026 CVE Published
  • Apr 17, 2026 PoC Published
  • Apr 17, 2026 PoC Published
  • Apr 18, 2026 Security Advisory
  • Apr 20, 2026 CVE Updated
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›