{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T00:50:48.608","vulnerabilities":[{"cve":{"id":"CVE-2025-36594","sourceIdentifier":"security_alert@emc.com","published":"2025-08-04T15:15:32.040","lastModified":"2025-10-16T14:39:36.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability."},{"lang":"es","value":"Dell PowerProtect Data Domain con el sistema operativo Data Domain (DD OS) de las versiones Feature Release 7.7.1.0 a 8.3.0.15, LTS2024 de las versiones 7.13.1.0 a 7.13.1.25 y LTS 2023 de las versiones 7.10.1.0 a 7.10.1.60, presenta una vulnerabilidad de omisión de autenticación por suplantación de identidad. Un atacante no autenticado con acceso remoto podría explotar esta vulnerabilidad, lo que podría provocar la omisión del mecanismo de protección. Un usuario remoto no autenticado puede crear una cuenta que exponga la información del cliente y afecte la integridad y la disponibilidad del sistema."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.10.1.70","matchCriteriaId":"7FCE50EA-F2B8-4455-A489-1947B0CBFEEA"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.13.1.0","versionEndExcluding":"7.13.1.30","matchCriteriaId":"5E7EC11C-C065-48D9-A036-5A17653D44EA"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndExcluding":"8.3.1.0","matchCriteriaId":"FED5FF21-99ED-4368-9F3B-CC9EA2E8AF57"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}}]}