CNNVD-202508-247 Information

CNNVD ID

CNNVD-202508-247

Related CVE

CVE-2025-26476

• CNNVD Published: 2025-08-04

Description (Chinese)

Dell ECS是美国戴尔（Dell）公司的一款可扩展、易于管理且具有弹性的企业级对象存储解决方案。 Dell ECS 3.8.1.5之前版本和ObjectScale 4.0.0.0之前版本存在安全漏洞，该漏洞源于使用硬编码加密密钥，可能导致未经授权访问。

Description (English)

Dell ECS is a scalable, manageable and flexible enterprise-level object storage solution for Dell in the United States. There is a security loophole in the pre-Dell ECS 3.8.1.5 and pre-ObjectScale 4.0.0, which arises from the use of hard-coded encryption keys, which may lead to unauthorized access.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

戴尔

Published

2025-08-04

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000339134/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability

Patch

https://www.dell.com/support/kbdoc/en-us/000339134/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability