Sensitive Information Exposure in Dell PowerProtect Cyber Recovery
CVE-2025-26335
5.8MEDIUM
Summary
Dell PowerProtect Cyber Recovery versions before 19.18.0.2 are vulnerable to an issue where sensitive information may be inserted into sent data. This could enable an attacker with high privileges and remote access to exploit the system effectively, leading to potential information exposure. It is crucial for users of the affected versions to apply the necessary updates to mitigate this risk and secure their sensitive data.
Affected Version(s)
PowerProtect Cyber Recovery < 19.18.0.2
References
CVSS V3.1
Score:
5.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved