cbcvebase.

Dell Elastic Cloud Storage vulnerabilities

25 known vulnerabilities affecting dell/elastic_cloud_storage.

Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH7MEDIUM15

Vulnerabilities

Page 2 of 2
CVE-2026-22276P4MEDIUMCVSS 5.5≥ 3.8.1.0, < 4.2.0.02026-01-23
CVE-2026-22276 [MEDIUM] CWE-312 CVE-2026-22276: Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
nvd
CVE-2025-30483P4MEDIUMCVSS 5.5fixed in 3.8.1.52025-07-15
CVE-2025-30483 [MEDIUM] CWE-532 CVE-2025-30483: Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive I Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
nvd
CVE-2024-38485P4MEDIUMCVSS 4.3fixed in 3.8.0.02024-12-09
CVE-2024-38485 [MEDIUM] CWE-601 CVE-2024-38485: Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-pr Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially exploit this vulnerability to trigger redirections that leads to sensitive information leakage.
nvd
CVE-2020-5317P4MEDIUMCVSS 4.8≥ unspecified, < 3.4.0.12020-02-06
CVE-2020-5317 [MEDIUM] CWE-79 CVE-2020-5317: Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated maliciou Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of
nvd
CVE-2026-22275P4MEDIUMCVSS 4.4≥ 3.8.1.0, < 4.2.0.02026-01-23
CVE-2026-22275 [MEDIUM] CWE-540 CVE-2026-22275: Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Inclusion of Sensitive Information in Source Code vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
nvd
Dell Elastic Cloud Storage vulnerabilities | cvebase