CVE-2025-43727
HIGHDescription
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an incorrect Implementation of Authentication Algorithm vulnerability in the RestAPI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
Is your site exposed to CVE-2025-43727?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dell | data_domain_operating_system |
| dell | data_domain_operating_system |
| dell | data_domain_operating_system |
References
Frequently Asked Questions
What is CVE-2025-43727? +
How severe is CVE-2025-43727? +
What products are affected by CVE-2025-43727? +
How do I check if I'm vulnerable to CVE-2025-43727? +
Related Vulnerabilities
An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when …
immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking …
Python Social Auth is a social authentication/registration mechanism. In versions prior to 5.6.0, upon authentication, the user could be associated …
An Incorrect Implementation of Authentication Algorithm and Exposure of Data Element to Wrong Ses-sion vulnerability in the session handling used …
SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned …
UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Identity deployment. In …