CVE-2025-43913
BaseFortify
Publication date: 2025-10-07
Last updated on: 2025-10-14
Assigner: Dell
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | data_domain_operating_system | From 7.7.1.0 (inc) to 7.10.1.70 (exc) |
| dell | data_domain_operating_system | From 7.13.1.0 (inc) to 7.13.1.40 (exc) |
| dell | data_domain_operating_system | From 8.3.0.0 (inc) to 8.3.0.15 (inc) |
| dell | data_domain_operating_system | From 8.3.1.0 (inc) to 8.3.1.10 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Dell PowerProtect Data Domain Operating System versions 7.7.1.0 through 8.3.0.15 and certain LTS releases. It involves the use of a broken or risky cryptographic algorithm, which can be exploited by an unauthenticated remote attacker. Exploiting this vulnerability could lead to information disclosure and enable phishing attacks that trick users into revealing sensitive information.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive information. Attackers could exploit it remotely without authentication, potentially using the information to conduct phishing attacks that cause users to divulge confidential data.