Primary

Context

Dell ECS and ObjectScale Cleartext Transmission of Sensitive Information Vulnerability

Vulnerability

Patched

A vulnerability allowing cleartext transmission of sensitive information exists in Dell ECS versions 3.8.1.0 through 3.8.1.7, and in Dell ObjectScale versions prior to 4.2.0.0. This vulnerability could be exploited by an unauthenticated attacker with remote access, leading to unauthorized information exposure.

Impact

Exploitation of this vulnerability could result in unauthorized interception and exposure of sensitive information transmitted over the network.

Remediation

Users can upgrade to Dell ObjectScale version 4.2.0.0 or later. For ECS, version 4.2.0.0 or later is also recommended. Instructions for upgrading can be found by opening a Service Request for an Operating Environment Upgrade and quoting DSA-2026-047.

Added: Jan 23, 2026, 9:23 AM

Updated: Jan 23, 2026, 9:23 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.2

remediation

7.9

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.2

remediation

7.9

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell ECS and ObjectScale Cleartext Transmission of Sensitive Information Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dell ECS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating