{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T10:19:52.817","vulnerabilities":[{"cve":{"id":"CVE-2026-22266","sourceIdentifier":"security_alert@emc.com","published":"2026-02-19T10:16:11.630","lastModified":"2026-02-20T16:36:07.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass."},{"lang":"es","value":"Dell PowerProtect Data Manager, versión(es) anterior(es) a la 19.22, contiene una vulnerabilidad de Verificación Incorrecta del Origen de un Canal de Comunicación en la API REST. Un atacante con altos privilegios con acceso remoto podría potencialmente explotar esta vulnerabilidad, lo que lleva a la elusión del mecanismo de protección."}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Primary","description":[{"lang":"en","value":"CWE-146"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:powerprotect_data_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"19.22","matchCriteriaId":"17D7AA01-F2D1-4DCF-BF83-0550AA9CC59A"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000429778/dsa-2026-046-security-update-for-dell-powerprotect-data-manager-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}}]}