{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-05T23:24:01.338","vulnerabilities":[{"cve":{"id":"CVE-2025-46644","sourceIdentifier":"security_alert@emc.com","published":"2026-01-09T16:16:06.610","lastModified":"2026-02-05T13:29:34.173","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS2023 release versions 7.10.1.0 through 7.10.1.70, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution."},{"lang":"es","value":"Dell PowerProtect Data Domain con Data Domain Operating System (DD OS) de las versiones de Feature Release 7.7.1.0 a 8.4.0.0, la versión LTS2025 8.3.1.10, las versiones LTS2024 7.13.1.0 a 7.13.1.40, las versiones LTS2023 7.10.1.0 a 7.10.1.70, contienen una vulnerabilidad de Neutralización Incorrecta de Elementos Especiales utilizados en un Comando del Sistema Operativo ('Inyección de Comandos del SO'). Un atacante con altos privilegios y acceso local podría potencialmente explotar esta vulnerabilidad, lo que llevaría a la ejecución de comandos."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.10.1.80","matchCriteriaId":"18AD8BC6-ABF7-4990-91C6-D228BBE4B9FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.13.1.0","versionEndExcluding":"7.13.1.50","matchCriteriaId":"00F138B9-4AB9-4B79-BBEC-F5A48E2E0B05"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.1.0","versionEndExcluding":"8.3.1.20","matchCriteriaId":"7B8DA06B-076A-495E-9BD0-246BF1E54E26"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"FF73C39B-827B-4A68-9708-08345F6EF979"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}}]}