{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23775", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-01-16T06:05:50.872Z", "datePublished": "2026-04-17T08:22:59.899Z", "dateUpdated": "2026-04-17T11:01:10.107Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-17T08:22:59.899Z"}, "datePublic": "2026-04-15T18:30:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "type": "CWE"}]}], "affected": [{"vendor": "Dell", "product": "PowerProtect Data Domain appliances", "versions": [{"status": "affected", "version": "0", "lessThan": "8.6.0.0 or later", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "8.3.1.20 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled."}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-17T10:58:59.555432Z", "id": "CVE-2026-23775", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T11:01:10.107Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23775", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-17T10:58:59.555432Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-17T11:01:05.518Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "PowerProtect Data Domain appliances", "versions": [{"status": "affected", "version": "0", "lessThan": "8.6.0.0 or later", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "8.3.1.20 or later", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-04-15T18:30:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled.", "supportingMedia": [{"type": "text/html", "value": "Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-04-17T08:22:59.899Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23775", "state": "PUBLISHED", "dateUpdated": "2026-04-17T11:01:10.107Z", "dateReserved": "2026-01-16T06:05:50.872Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2026-04-17T08:22:59.899Z", "assignerShortName": "dell"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to credential exposures. Authentication attempts as the compromised user would need to be authorized by a high privileged DD user. This vulnerability only affects systems with retention lock enabled."}], "id": "CVE-2026-23775", "lastModified": "2026-04-17T09:16:05.153", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.5, "source": "security_alert@emc.com", "type": "Secondary"}]}, "published": "2026-04-17T09:16:05.153", "references": [{"source": "security_alert@emc.com", "url": "https://www.dell.com/support/kbdoc/en-us/000450699/dsa-2026-060-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "security_alert@emc.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-17T10:50:41.691373+00:00", "value": {"mitigation_remediation": ["Apply the Dell PowerProtect Data Domain security update released in the Dell Support article to patch affected DD OS versions 8.0\u20138.5 and 8.3.1.0\u20138.3.1.10.", "If the retention lock feature is not required for your environment, disable it to eliminate the attack surface; if it must remain enabled, ensure it is properly configured and monitored.", "Adjust logging configuration to prevent sensitive credentials from being written to log files and perform audit reviews to detect any instances of credential leakage."], "summary": {"action": "Immediate Patch", "impact": "Credential Exposure"}, "threat_synthesis": {"affected_systems": "The affected products are Dell PowerProtect Data Domain appliances using the Data Domain Operating System versions listed above. Only systems that have the retention lock feature enabled are vulnerable; products without this feature or running unsupported DD OS versions are not impacted.", "description_and_impact": "Dell PowerProtect Data Domain appliances running DD OS Feature Release 8.0 through 8.5 and LTS2025 release 8.3.1.0 through 8.3.1.10 are susceptible to a log injection flaw that can cause sensitive information, such as credentials, to be written to log files. An attacker with low privileges and remote access can exploit this flaw, potentially leaking credentials that the attacker could use to impersonate users or elevate privileges if subsequently authorized by a higher\u2011privileged user. This vulnerability qualifies as a confidentiality compromise and may enable credential theft.", "risk_and_exploitability": "The CVSS score of 7.6 indicates a high severity of the flaw. The EPSS score is not available, so the likelihood of exploitation is uncertain, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires remote access to a low\u2011privileged account and the presence of an enabled retention lock, conditions that may limit opportunistic attacks but still present a serious risk in environments where these features are common. Attackers could proceed by interacting with the appliance over the network and triggering the log recording of sensitive data."}}}}, "created": "2026-04-17T11:00:13.713006+00:00", "title": "Sensitive Data Leak via Log Injection in Dell PowerProtect Data Domain", "updated": "2026-04-17T11:00:13.713016+00:00", "vendors": []}