CNNVD-202601-4136 Information

CNNVD ID

CNNVD-202601-4136

Related CVE

CVE-2026-22273

• CNNVD Published: 2026-01-23

Description (Chinese)

Dell ECS是美国戴尔（Dell）公司的一款可扩展、易于管理且具有弹性的企业级对象存储解决方案。 Dell ECS 3.8.1.0版本至3.8.1.7版本和Dell ObjectScale 4.2.0.0之前版本存在安全漏洞，该漏洞源于操作系统使用默认凭据，可能导致权限提升。

Description (English)

Dell ECS is a scalable, manageable and flexible enterprise-level object storage solution for Dell in the United States. There is a security loophole in Dell ECS versions 3.8.1.0 to 3.8.1.7 and prior to Dell ObjectScale 4.2.0.0, which stems from the use of default certificates in the operating system, which may lead to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

戴尔

Published

2026-01-23

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-us/000415880/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-us/000415880/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities