HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2025-26476

CVSS 8.4v3.1pub. 2025-08-04upd. 2026-01-14

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dell Elastic Cloud Storage

    APP
    Dell
    < 3.8.1.5
  • Dell Objectscale

    APP
    Dell
    4.0.0.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2026-40636CRITICAL9.8PL ✓ten sam produkt

Dell ECS / ObjectScale — podatność hard-coded credentials umożliwiająca dostęp do systemu plików

CVE-2017-8021CRITICAL9.8ten sam produkt

EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could pot...

CVE-2026-28261HIGH7.8ten sam produkt

Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and ver...

CVE-2026-22271HIGH7.5ten sam produkt

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Clearte...

CVE-2026-22273HIGH8.8ten sam produkt

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of...

CVE-2025-26476 — Dell — Elastic Cloud Storage — HIGH — CVSS 8.4 | CVEbaza.pl