Primary

Context

Dell ECS and ObjectScale Cleartext Storage of Sensitive Information Vulnerability

Vulnerability

Patched

A vulnerability allowing cleartext storage of sensitive information exists in Dell ECS versions 3.8.1.0 through 3.8.1.7, and in Dell ObjectScale versions prior to 4.2.0.0. This vulnerability could be exploited by a low-privileged attacker with local access, potentially leading to unauthorized information disclosure.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information.

Remediation

Users can upgrade to Dell ObjectScale version 4.2.0.0 or later. For Dell ECS, version 4.2.0.0 or later is recommended. Instructions for upgrading can be found on the Dell Support website.

Added: Jan 23, 2026, 10:18 AM

Updated: Jan 23, 2026, 10:18 AM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

3.8

remediation

7.7

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

3.8

remediation

7.7

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell ECS and ObjectScale Cleartext Storage of Sensitive Information Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Dell Elastic Cloud Storage

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating