{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22285", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "state": "PUBLISHED", "assignerShortName": "dell", "dateReserved": "2026-01-07T07:17:24.537Z", "datePublished": "2026-03-04T16:01:20.471Z", "dateUpdated": "2026-03-04T17:17:20.916Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Device Management Agent (DDMA)", "vendor": "Dell", "versions": [{"lessThan": "26.02", "status": "affected", "version": "N/A", "versionType": "semver"}]}], "datePublic": "2026-03-03T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access."}], "value": "Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-256", "description": "CWE-256: Plaintext Storage of a Password", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-03-04T16:01:20.471Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000429177/dsa-2026-105"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-04T17:16:40.636712Z", "id": "CVE-2026-22285", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T17:17:20.916Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22285", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-04T17:16:40.636712Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-04T17:17:00.555Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Dell", "product": "Device Management Agent (DDMA)", "versions": [{"status": "affected", "version": "N/A", "lessThan": "26.02", "versionType": "semver"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-03T18:00:00.000Z", "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000429177/dsa-2026-105", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.", "supportingMedia": [{"type": "text/html", "value": "Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-256", "description": "CWE-256: Plaintext Storage of a Password"}]}], "providerMetadata": {"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell", "dateUpdated": "2026-03-04T16:01:20.471Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22285", "state": "PUBLISHED", "dateUpdated": "2026-03-04T17:17:20.916Z", "dateReserved": "2026-01-07T07:17:24.537Z", "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "datePublished": "2026-03-04T16:01:20.471Z", "assignerShortName": "dell"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dell:device_management_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DB3A889-D235-4E49-A38F-A724CE03FF52", "versionEndExcluding": "26.02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access."}], "id": "CVE-2026-22285", "lastModified": "2026-03-05T18:15:03.473", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "security_alert@emc.com", "type": "Secondary"}]}, "published": "2026-03-04T16:16:27.443", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://www.dell.com/support/kbdoc/en-us/000429177/dsa-2026-105"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-256"}], "source": "security_alert@emc.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.02)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Device Management Agent (DDMA)", "source": "cna", "vendor": "Dell"}, "product": "device_management_agent_(ddma)", "vendor": "dell"}], "analysis": {"en": {"generated_at": "2026-04-16T13:33:28.519294+00:00", "value": {"mitigation_remediation": ["Upgrade Dell Device Management Agent to version 26.02 or later, which removes plaintext password storage.", "Re\u2011configure any remaining DDMA installations to force password hashing or encryption, removing existing clear\u2011text credential files.", "Restrict local privileged accounts and enforce least\u2011privilege policies to limit the ability of users to read configuration files containing sensitive data."], "summary": {"action": "Apply Patch", "impact": "Unauthorized Access"}, "threat_synthesis": {"affected_systems": "The flaw affects Dell Device Management Agent versions earlier than 26.02. Any system running those builds is vulnerable; newer builds contain the fix.", "description_and_impact": "Dell Device Management Agent (DDMA) stores user passwords in clear text on the file system, a weakness that falls under the category of plain text password storage (CWE\u2011256). If an attacker gains local access with high privilege, they can read these credentials and use them to log in to the agent or related services, effectively obtaining unauthorized access to the device. The vulnerability does not expose a direct remote code execution path, but it compromises confidentiality and the integrity of authentication credentials.", "risk_and_exploitability": "The CVSS score of 4.4 indicates a low severity, and the EPSS score of less than 1 percent shows that the likelihood of exploitation is very small. The vulnerability is not listed in the CISA KEV catalog. However, because exploitation requires local high\u2011privileged access, the risk is elevated within compromised or physically accessible environments. Attackers would need to compromise local credentials or gain local administrative privileges to read the plaintext file and obtain credentials for the agent. Once obtained, they could gain full control over the device management agent's functionality."}}}}, "created": "2026-03-05T09:08:36.538544+00:00", "title": "Plaintext Password Storage in Dell Device Management Agent Enables Local Unauthorized Access", "updated": "2026-04-16T13:45:21.942983+00:00", "vendors": ["dell", "dell$PRODUCT$device_management_agent_(ddma)"]}