Dell Powerprotect Data Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Dell Powerprotect Data Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2024-22454 — CVSS 8.8 (high): Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A…
CVE-2023-28062 — CVSS 8.8 (high): Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low…
CVE-2025-43888 — CVSS 8.8 (high): Dell PowerProtect Data Manager, Hyper-V, version(s) 19.19 and 19.20, contain(s) an Insertion of Sensitive Information into Log File…
CVE-2025-43884 — CVSS 8.2 (high): Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS…
CVE-2026-22267 — CVSS 8.1 (high): Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged…
CVE-2025-23375 — CVSS 7.8 (high): Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect Use of Privileged APIs vulnerability. A low privileged…
CVE-2025-43885 — CVSS 7.8 (high): Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS…
CVE-2025-43725 — CVSS 7.8 (high): Dell PowerProtect Data Manager, Generic Application Agent, version(s) 19.19 and 19.20, contain(s) an Incorrect Default Permissions…
CVE-2020-5356 — CVSS 7.7 (high): Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper…
CVE-2024-22445 — CVSS 7.2 (high): Dell PowerProtect Data Manager, version 19.15 and prior versions, contain an OS command injection vulnerability. A remote high privileged…
CVE-2025-43887 — CVSS 7.0 (high): Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Incorrect Default Permissions vulnerability. A low…
CVE-2025-30480 — CVSS 6.5 (medium): Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation vulnerability in PowerProtect Data…
CVE-2026-22268 — CVSS 6.3 (medium): Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged…
CVE-2024-25971 — CVSS 5.5 (medium): Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker…
CVE-2025-43938 — CVSS 5.0 (medium): Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Plaintext Storage of a Password vulnerability. A high…
CVE-2026-22266 — CVSS 4.7 (medium): Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel…
CVE-2026-22269 — CVSS 4.7 (medium): Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel…
CVE-2025-43886 — CVSS 4.4 (medium): Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Path Traversal: '.../...//' vulnerability. A high…
CVE-2025-23377 — CVSS 4.2 (medium): Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. A…
CVE-2026-28264 — CVSS 3.3 (low): Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Resource…
CVE-2025-23376 — CVSS 2.3 (low): Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper Neutralization of Special Elements Used in…