PT-2026-20778 · Dell · Dell Powerprotect Data Manager

Published

2026-02-19

Updated

2026-02-19

CVE-2026-22266

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Manager versions prior to 19.22

Description Dell PowerProtect Data Manager contains an Improper Verification of Source of a Communication Channel issue in the REST API. A high privileged attacker with remote access could potentially bypass protection mechanisms. The vulnerable component is the REST API.

Recommendations Update Dell PowerProtect Data Manager to version 19.22 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-146

Related Identifiers

CVE-2026-22266

Affected Products

Dell Powerprotect Data Manager

PT-2026-20778 · Dell · Dell Powerprotect Data Manager

CVE-2026-22266

Weakness Enumeration

Related Identifiers

Affected Products

References · 5