Dell ECS 3.8.1.03.8.1.7 / ObjScale <4.3.0.0: Geo Rep Auth Bypass: CVE-2025-43992 May 2026

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo replication. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data in transit.

Vulnerability Analysis

CVE-2025-43992 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be low. considered to have a small impact on confidentiality and integrity and availability.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

LOW

Weakness Type

Authentication Bypass by Assumed-Immutable Data

The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.

Products Associated with CVE-2025-43992

Want to know whenever a new CVE is published for Dell Objectscale? stack.watch will email you.

Dell ECS 3.8.1.03.8.1.7 / ObjScale <4.3.0.0: Geo Rep Auth Bypass
CVE-2025-43992 Published on May 11, 2026

Vulnerability Analysis

Weakness Type

Authentication Bypass by Assumed-Immutable Data

Products Associated with CVE-2025-43992

Affected Versions

Dell ECS 3.8.1.03.8.1.7 / ObjScale <4.3.0.0: Geo Rep Auth BypassCVE-2025-43992 Published on May 11, 2026

Vulnerability Analysis

Weakness Type

Authentication Bypass by Assumed-Immutable Data

Products Associated with CVE-2025-43992

Affected Versions

Dell ECS 3.8.1.03.8.1.7 / ObjScale <4.3.0.0: Geo Rep Auth Bypass
CVE-2025-43992 Published on May 11, 2026