PT-2025-37071 · Dell · Dell Powerprotect Data Manager
Published
2025-04-20
·
Updated
2025-10-20
·
CVE-2025-43938
CVSS v3.1
5.0
Medium
| Vector | AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Dell PowerProtect Data Manager versions 19.19 and 19.20
Description:
Dell PowerProtect Data Manager, running on Hyper-V, contains a vulnerability related to the plaintext storage of passwords. A high-privileged attacker with local access could potentially disclose user credentials. The attacker may be able to use the exposed credentials to gain unauthorized access with the privileges of the compromised account.
Recommendations:
For Dell PowerProtect Data Manager version 19.19, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Dell PowerProtect Data Manager version 19.20, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Powerprotect Data Manager