Primary

Context

Dell ECS and ObjectScale Use of Default Credentials Vulnerability Allowing Privilege Escalation

Vulnerability

Patched

A vulnerability allowing the use of default credentials has been identified in Dell ECS versions 3.8.1.0 through 3.8.1.7, and in Dell ObjectScale versions prior to 4.2.0.0. This vulnerability could be exploited by a low-privileged attacker with remote access, potentially leading to unauthorized elevation of privileges.

Impact

Exploitation of this vulnerability could result in unauthorized access and elevated privileges on the affected system.

Remediation

Customers using Dell ECS or ObjectScale can change default credentials by following the password change procedure outlined in the Dell ObjectScale 4.2.0.0 Security Configuration Guide. Those on ECS should upgrade to version 4.2.0.0 or later.

Added: Jan 23, 2026, 10:20 AM

Updated: Jan 23, 2026, 10:20 AM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

7.5

exploitability

6.6

remediation

7.9

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

7.5

exploitability

6.6

remediation

7.9

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell ECS and ObjectScale Use of Default Credentials Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

Dell Elastic Cloud Storage

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating