6.5
CVE-2025-26478
- EPSS 0.04%
- Veröffentlicht 17.04.2025 11:37:44
- Zuletzt bearbeitet 01.08.2025 20:55:44
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Elastic Cloud Storage Version <= 3.8.1.4
Dell ≫ Objectscale Version < 4.0.0.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.128 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| security_alert@emc.com | 3.1 | 1.6 | 1.4 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.