Improper Link Resolution Vulnerability in Dell PowerProtect Data Domain
CVE-2026-46468

4.4MEDIUM

Key Information:

Vendor

Dell

Vendor
CVE Published:
3 July 2026

What is CVE-2026-46468?

Dell PowerProtect Data Domain contains an improper link resolution vulnerability that affects several versions. This flaw allows an attacker with high privileges and local access to exploit the system, potentially leading to unauthorized information exposure. The flaw arises due to inadequate validation of symbolic links before file access, posing significant security risks to sensitive data managed by the affected products.

Affected Version(s)

PowerProtect Data Domain 0 < 8.8.0.0 or later

PowerProtect Data Domain 0 < 8.6.1.20 or later

PowerProtect Data Domain 0 < 8.3.1.40 or later

References

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.