Dell Ecs
15 CVEs affecting Dell Ecs. Latest disclosed: 2026-05-22. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40636 | Critical | 9.8 | 2026-05-11 | Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenti… |
CVE-2025-26476 | High | 8.4 | 2025-08-04 | Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with… |
CVE-2024-51540 | High | 8.1 | 2024-12-26 | Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket… |
CVE-2024-22459 | Medium | 6.8 | 2024-02-28 | Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access control vulnerability. A remote h… |
CVE-2026-26946 | Medium | 6.7 | 2026-05-11 | Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A… |
CVE-2022-31231 | Medium | 5.9 | 2026-05-22 | Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote unauthenticated attacker may po… |
CVE-2023-25934 | Medium | 5.9 | 2023-05-04 | DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the requ… |
CVE-2026-35157 | Medium | 5.8 | 2026-05-11 | Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File… |
CVE-2025-43992 | Medium | 5.6 | 2026-05-11 | Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerabi… |
CVE-2025-30483 | Medium | 5.5 | 2025-07-15 | Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged at… |
CVE-2024-52534 | Medium | 5.4 | 2024-12-25 | Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access co… |
CVE-2024-30473 | Medium | 4.9 | 2024-07-18 | Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit… |
CVE-2025-26477 | Medium | 4.3 | 2025-04-17 | Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low privileged attacker with remote access could potentially exploit t… |
CVE-2024-38485 | Medium | 4.3 | 2024-12-09 | Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerabil… |
CVE-2025-26478 | Low | 3.1 | 2025-04-17 | Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could pot… |