13 matches found
CVE-2025-26478
Dell ECS vulnerable? CVE-2025-26478 affects Dell ECS 3.8.1.4 and earlier. The root cause is improper certificate validation in the server, enabling an unauthenticated attacker with adjacent network access to cause information disclosure. Exploitation details are not provided in the linked documen...
CVE-2025-26477
CVE-2025-26477 affects Dell ECS up to version 3.8.1.4: an Improper Input Validation vulnerability that could allow a low-privileged, remotely authenticated attacker to achieve code execution. The connected documents confirm the affected software and the root cause (input validation error) with a ...
CVE-2025-30483
CVE-2025-30483 affects Dell ECS prior to 3.8.1.5 and Dell ObjectScale prior to 4.0.0.0, where an insertion of sensitive information into log files may allow a low-privilege, local attacker to disclose information. The NVD-derived CVSSv3.1 base score is 5.5 (Medium) with LOCAL, LOW complexity, and...
CVE-2026-22275
Dell ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (versions prior to 4.2.0.0) have an Inclusion of Sensitive Information in Source Code vulnerability. A low-privileged attacker with local access could exploit this to expose information. CVSSv3.1 base score 4.4 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/...
CVE-2026-22273
Dell ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (versions prior to 4.2.0.0) contain a Use of Default Credentials vulnerability in the OS. A low-privileged, remote attacker could potentially exploit this to achieve Elevation of Privileges. Remediation: upgrade Dell ECS to a newer version ...
CVE-2025-43992
CVE-2025-43992 affects Dell EMC: Dell ECS versions 3.8.1.0–3.8.1.7 and Dell ObjectScale versions before 4.3.0.0. The issue is an authentication bypass via assumed-immutable data in Geo replication, allowing an unauthenticated attacker with remote access to potentially access data in transit. The ...
CVE-2026-35157
Dell ECS 3.8.1.0–3.8.1.7 and Dell ObjectScale
CVE-2026-22274
CVE-2026-22274 affects Dell EMC/Dell ObjectScale: Dell ECS versions 3.8.1.0–3.8.1.7 and Dell ObjectScale prior to 4.2.0.0 contain a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated remote attacker could intercept and modify information in tran...
CVE-2026-22271
CVE-2026-22271 affects Dell ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (versions prior to 4.2.0.0). The issue is cleartext transmission of sensitive information accessible via remote, unauthenticated access, potentially exposing data. Exploitation appears to be network-based with high im...
CVE-2026-22276
CVE-2026-22276 affects Dell ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (versions before 4.2.0.0). The issue is a Cleartext Storage of Sensitive Information vulnerability that can lead to information disclosure. Exploitation is described as possible by a low-privileged attacker with local...
CVE-2026-26946
CVE-2026-26946 affects Dell EMC ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (prior to 4.3.0.0). The issue is an improper privilege management vulnerability in the operating system. A high-privileged attacker with local access could potentially exploit this to achieve elevation of privileg...
CVE-2026-40636
Dell ECS (3.8.1.0–3.8.1.7) and Dell ObjectScale versions before 4.3.0.0 contain a hard-coded credential issue. An unauthenticated, locally-accessible attacker could potentially obtain filesystem access. CVSS 3.1 base score 9.8 (CRITICAL) indicates high impact on confidentiality, integrity, and av...
CVE-2026-28261
CVE-2026-28261 affects Dell Elastic Cloud Storage (DE) 3.8.1.7 and earlier and Dell ObjectScale: affected ObjectScale versions prior to 4.1.0.3 and 4.2.0.0. It is a local, low-privilege accessible vulnerability that can cause insertion of sensitive information into log files, potentially exposing...