Dell

Elastic Cloud Storage

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-30483

  • EPSS 0.02%
  • Published 15.07.2025 14:30:20
  • Last modified 02.08.2025 01:26:33

Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Informati...

8.8

CVE-2025-26477

  • EPSS 0.1%
  • Published 17.04.2025 11:45:19
  • Last modified 01.08.2025 21:00:56

Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

6.5

CVE-2025-26478

  • EPSS 0.02%
  • Published 17.04.2025 11:37:44
  • Last modified 01.08.2025 20:55:44

Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.

6.5

CVE-2024-51540

  • EPSS 0.12%
  • Published 26.12.2024 16:15:29
  • Last modified 21.01.2025 21:30:52

Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An authenticated user with bucket or object-level access and the necessary privileges could potentially exploit this vulnera...

5.4

CVE-2024-52534

  • EPSS 0.1%
  • Published 25.12.2024 16:15:21
  • Last modified 21.01.2025 21:30:49

Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft.

4.3

CVE-2024-38485

  • EPSS 0.08%
  • Published 09.12.2024 15:15:14
  • Last modified 04.02.2025 16:07:54

Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage.

6.5

CVE-2024-30473

  • EPSS 0.15%
  • Published 18.07.2024 16:15:06
  • Last modified 04.02.2025 17:22:53

Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized end points.

6.5

CVE-2024-22459

  • EPSS 0.21%
  • Published 28.02.2024 09:15:43
  • Last modified 04.02.2025 17:26:52

Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to unauthoriz...

7.5

CVE-2023-25934

  • EPSS 0.07%
  • Published 04.05.2023 07:15:22
  • Last modified 29.01.2025 17:15:23

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.

10

CVE-2017-8021

  • EPSS 0.95%
  • Published 03.10.2017 01:29:03
  • Last modified 20.04.2025 01:37:25

EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system.