Dell

Products by Dell Sorted by Most Security Vulnerabilities since 2018

Dell Powerscale Onefs: 92 vulnerabilities
Dell Wyse Management Suite: 50 vulnerabilities
Dell Smartfabric Os10: 32 vulnerabilities
Dell Unity: 29 vulnerabilities
Dell Bsafe Micro Edition Suite: 28 vulnerabilities
Dell Secure Connect Gateway: 27 vulnerabilities
Dell Powerprotect Data Manager: 18 vulnerabilities
Dell Bsafe Ssl J: 18 vulnerabilities
Dell Cloudlink: 16 vulnerabilities
Dell Unisphere For Powermax: 16 vulnerabilities
Dell Alienware Command Center: 15 vulnerabilities
Dell Supportassist: 13 vulnerabilities
Dell Command Update: 12 vulnerabilities
Dell Openmanage Enterprise: 12 vulnerabilities
Dell Networker: 11 vulnerabilities
Dell Elastic Cloud Storage: 11 vulnerabilities
Dell Bsafe Crypto J: 10 vulnerabilities
Dell Networking Os10: 9 vulnerabilities
Dell Controlvault3: 8 vulnerabilities
Dell Digital Delivery: 8 vulnerabilities
Dell Objectscale: 8 vulnerabilities
Dell Insightiq: 8 vulnerabilities
Dell Alienware Update: 7 vulnerabilities
Dell Avamar Server: 7 vulnerabilities
Dell Repository Manager: 7 vulnerabilities
Dell Encryption: 7 vulnerabilities
Dell Storage Manager: 6 vulnerabilities
Dell Display Manager: 6 vulnerabilities
Dell Emc Appsync: 6 vulnerabilities
Dell Update: 6 vulnerabilities
Dell Thinos: 6 vulnerabilities
Dell Appsync: 5 vulnerabilities
Dell Powerstoreos: 5 vulnerabilities
Dell Command Monitor: 5 vulnerabilities
Dell Data Lakehouse: 5 vulnerabilities
Dell Enterprise Sonic Os: 5 vulnerabilities
Dell Power Manager: 5 vulnerabilities
Dell Common Event Enabler: 4 vulnerabilities
Dell Idrac9: 4 vulnerabilities

Known Exploited Dell Vulnerabilities

The following Dell vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title: Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability
Description: Dell RecoverPoint for Virtual Machines (RP4VMs) contains a use of hard-coded credentials vulnerability that could allow an unauthenticated remote attacker to gain unauthorized access to the underlying operating system and root-level persistence.
CVE: CVE-2026-22769 (Exploit Probability: 34.2%)
Added: February 18, 2026

Title: Dell dbutil Driver Insufficient Access Control Vulnerability
Description: Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service, or information disclosure.
CVE: CVE-2021-21551 (Exploit Probability: 59.9%)
Added: March 31, 2022

2 known exploited Dell vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2026 there have been 64 vulnerabilities in Dell with an average score of 6.3 out of ten. Last year, in 2025, Dell had 204 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Dell in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.43.




Year Vulnerabilities Average Score
2026 64 6.34
2025 204 6.77
2024 218 7.08
2023 168 6.97
2022 124 7.21
2021 139 6.94
2020 35 7.45
2019 54 7.32
2018 57 7.21

It may take a day or so for new Dell vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Dell Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-24510 Mar 11, 2026
Dell AWCC <6.12.24.0 Improper Privilege Mgmt -> LPE Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Alienware Command Center
CVE-2026-24508 Mar 11, 2026
Alienware Command Center 6.12.24.0 Improper Cert Validation Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Alienware Command Center
CVE-2026-24509 Mar 11, 2026
Dell AWCC <6.12.24.0: Improper Access Control (Low Priv) Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
Alienware Command Center
CVE-2026-26034 Mar 05, 2026
Incorrect Default Permissions in UPS MUMC 01.06.0001 (A03) SYSTEM Exec via DLL UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default Permissions (CWE-276) vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges by causing the application to load a specially crafted DLL.
CVE-2026-26033 Mar 05, 2026
MUMC v01.06.0001 Unquoted Search Path SYSTEM code exec UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Unquoted Search Path or Element (CWE-428) vulnerability, which allows a user with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges.
CVE-2026-26949 Mar 04, 2026
DDMA <26.02 Incorrect Auth Bypass Priv Esc (Dell) Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Incorrect Authorization vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-22760 Mar 04, 2026
Dell DDMA <26.02: Improper Check for Unusual Conditions DoS Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Improper Check for Unusual or Exceptional Conditions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of Service.
CVE-2026-22285 Mar 04, 2026
Dell DDMA <=26.02 Plaintext Password Storage Exploit Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plaintext Storage of Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized Access.
CVE-2026-25907 Mar 04, 2026
Dell PowerScale OneFS 9.13.0.0: Account Lockout Mechanism Vulnerability (DoS) Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
Powerscale Onefs
CVE-2026-21422 Mar 04, 2026
Dell PowerScale OneFS External Config Control (9.10.0.0-9.12.0.1) Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and versions 9.11.0.0 through 9.12.0.1, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass.
Powerscale Onefs
CVE-2026-21424 Mar 04, 2026
Dell PowerScale OneFS <9.10.1.6,9.12.0.1: Unnecessary Privilege Exec EoP Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Powerscale Onefs
CVE-2026-21421 Mar 04, 2026
Dell PowerScale OneFS PrivEsc (pre-9.10.1.6, 9.11.0.0-9.12.0.1) Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
Powerscale Onefs
CVE-2026-21426 Mar 04, 2026
Dell PowerScale OneFS Exec Priv Esc v<9.10.1.6, 9.11.0.0-9.12.0.1 Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, and information disclosure.
Powerscale Onefs
CVE-2026-21423 Mar 04, 2026
Dell PowerScale OneFS incorrect default perms in 9.10.1.5 and below Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to code execution, denial of service, elevation of privileges, and information disclosure.
Powerscale Onefs
CVE-2026-22270 Mar 04, 2026
Dell PowerScale OneFS <9.10.1.6 or 9.11-9.12 Uncontrolled Search Path (CVE-2026-22270) Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, and information disclosure.
Powerscale Onefs
CVE-2026-21425 Mar 04, 2026
Dell PowerScale OneFS <9.10.1.6/9.11-9.12 PE via Local Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Powerscale Onefs
CVE-2026-25906 Mar 03, 2026
Dell Optimizer <6.3.1: Improper Link Res Before File Access (EoP) Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-24502 Mar 03, 2026
Dell Command | Intel vPro Uncontrolled Search Path Element in <4.7.0 (EoP) Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Command Intel Vpro Out Band
CVE-2026-22766 Feb 24, 2026
Dell Wyse Management Suite Unrestricted Upload of Dangerous File before 5.5 Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
Wyse Management Suite
CVE-2026-22765 Feb 24, 2026
Missing Auth in Dell WMS <5.5 Enables Priv Esc Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges.
Wyse Management Suite
CVE-2026-21420 Feb 23, 2026
Dell Repository Manager <3.4.8 Uncontrolled PATH Vulnerability Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution and escalation of privileges.
Repository Manager
CVE-2026-22267 Feb 19, 2026
Dell PowerProtect DM <19.22: Incorrect Priv Assignment (ELEV) Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
Powerprotect Data Manager
CVE-2026-22268 Feb 19, 2026
Dell PowerProtect DM <19.22: Incorrect Privilege Assignment (DoS) Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service of a Dell Enterprise Support connection.
Powerprotect Data Manager
CVE-2026-22266 Feb 19, 2026
Dell PowerProtect DM Improper Comm Channel Verification <19.22 (REST API) Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass.
Powerprotect Data Manager
CVE-2026-22269 Feb 19, 2026
Dell PowerProtect Data Manager <19.22 Improper Verif. of Channel Source Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of Source of a Communication Channel vulnerability in the REST API. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to protection mechanism bypass.
Powerprotect Data Manager
CVE-2026-26358 Feb 19, 2026
Dell Unisphere PowerMax 10.2 MA: Low Priv Remote Unauthorized Access Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
Unisphere For Powermax
CVE-2026-26360 Feb 19, 2026
Dell Unisphere for PowerMax v10.2: Extrl Control of File Name/Path Delete Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability to delete arbitrary files.
Unisphere For Powermax
CVE-2026-26359 Feb 19, 2026
Dell Unisphere for PowerMax 10.2 EAFP: External Control of File Name/Path Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files.
Unisphere For Powermax
CVE-2026-26362 Feb 19, 2026
Dell Unisphere for PowerMax 10.2 Relative Path Traversal Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files.
Unisphere For Powermax
CVE-2026-26361 Feb 19, 2026
Dell Unisphere for PowerMax 10.2: External Ctrl. File Name Path Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
Unisphere For Powermax
CVE-2026-22762 Feb 17, 2026
Dell Avamar V/E Path Traversal in Security (pre-19.10 SP1) Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 SP1 with CHF338912, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary file delete.
Avamar Server
CVE-2026-22284 Feb 17, 2026
Dell SmartFabric OS10 <10.5.6.12: Cmd Injection Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Smartfabric Os10
CVE-2026-26357 Feb 17, 2026
Dell Unisphere PowerMax 9.2.4.X XSS Vulnerability (CVE-2026-26357) Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
Unisphere Powermax Virtual Appliance
Unisphere For Powermax
CVE-2025-36598 Feb 17, 2026
Dell Avamar <19.12 Path Traversal -> Upload Malicious Files Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to upload malicious files.
CVE-2026-22769 Feb 17, 2026
Dell RecoverPoint for VM <6.0.3.1 HF1 Hardcoded Credential Remote Exploit Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.
Recoverpoint Virtual Machines
CVE-2025-36597 Feb 17, 2026
Dell Avamar <19.12 patch 338905: Path Traversal in Security component Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure.
Avamar Server
CVE-2026-23861 Feb 17, 2026
Dell Unisphere for PowerMax vApp 9.2.4.x XSS (Improper Input Neutralization) Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
Unisphere For Powermax
CVE-2026-23857 Feb 12, 2026
Dell DUP Framework v23.12-24.12 EOP via Insufficient Privileges Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2026-23856 Feb 12, 2026
Dell iSM Improper Access Control (Win<6.0.3.1, Linux<5.4.1.1) Escalation Dell iDRAC Service Module (iSM) for Windows, versions prior to 6.0.3.1, and Dell iDRAC Service Module (iSM) for Linux, versions prior to 5.4.1.1, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2026-21419 Feb 09, 2026
Dell Display & Peripheral Manager <2.2 Improper Link Following (CVE-2026-21419) Dell Display and Peripheral Manager (Windows) versions prior to 2.2 contain an Improper Link Resolution Before File Access ('Link Following') vulnerability in the Installer and Service. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-21418 Jan 30, 2026
Dell Unity OS Command Injection in v5.5.2 and before Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
Unity
CVE-2026-22277 Jan 30, 2026
Dell UnityVSA <5.4 OS Command Injection (Root Exploit) Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
Unity
CVE-2026-22764 Jan 29, 2026
Dell OpenManage Network Integration <3.9 Improper Auth Remote Info Exposure Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
CVE-2025-46691 Jan 28, 2026
Dell PremierColor Panel Driver <1.0.0.1 A01 Improper Access Control EIP Dell PremierColor Panel Driver, versions prior to 1.0.0.1 A01, contains an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-21417 Jan 27, 2026
Plaintext Password Storage in Dell CloudBoost VA <=19.14.0.0: Priv Escalation Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2025-46699 Jan 23, 2026
Dell DP Advisor <19.12 Improper Escaping in Template Engine (Info Disclosure) Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
CVE-2026-22276 Jan 23, 2026
Dell ECS & ObjScale Cleartext Sensitive Info (3.8.1.0-3.8.1.7,<4.2.0.0) Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
Objectscale
CVE-2026-22275 Jan 23, 2026
Dell ECS 3.8.1.x Info Exposure via Local Source Code Leak Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Inclusion of Sensitive Information in Source Code vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Objectscale
CVE-2026-22274 Jan 23, 2026
Dell ECS 3.8.x Cleartext Transmission via Fabric Syslog Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and modify information in transit.
Objectscale
CVE-2026-22273 Jan 23, 2026
Use of Default Credentials in Dell ECS 3.8.1.0-3.8.1.7 / ObjectScale <4.2.0.0 OS Priv. Escalation Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
Objectscale
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).