CVE-2026-56086
HIGHDell PowerProtect Data Domain - Incorrect Authorization
Title source: ruleDescription
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access.
References (1)
Core 1
Core References
Scores
CVSS v3
8.8
EPSS
0.0029
EPSS Percentile
20.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-863
Status
published
Products (5)
dell/data_domain_operating_system
7.7.1.0 - 7.13.1.80
Dell/PowerProtect Data Domain
< 7.13.1.80 or later
Dell/PowerProtect Data Domain
< 8.3.1.40 or later
Dell/PowerProtect Data Domain
< 8.6.1.20 or later
Dell/PowerProtect Data Domain
< 8.7.0.0 or later
Published
Jul 08, 2026
Tracked Since
Jul 08, 2026