Data Domain Administration Interface Local Privilege Escalation Vulnerability

Data Domain Administration Interface Local Privilege Escalation Vulnerability

Data Domain is prone to a local privilege-escalation vulnerability because the application fails to sanitize user-supplied input before passing it to a UNIX shell for execution.

An attacker can exploit this issue to install malicious software and execute arbitrary commands with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

This issue affects Data Domain 3.0.0 through 4.0.3.5.