Dell Elastic Cloud Storage — known CVE vulnerabilities
Every CVE whose affected-product data names Dell Elastic Cloud Storage, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2017-8021 — CVSS 9.8 (critical): EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could potentially be leveraged by…
CVE-2026-40636 — CVSS 9.8 (critical): Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials…
CVE-2026-22273 — CVSS 8.8 (high): Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of Default Credentials…
CVE-2025-26476 — CVSS 8.4 (high): Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An…
CVE-2024-51540 — CVSS 8.1 (high): Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. An…
CVE-2026-28261 — CVSS 7.8 (high): Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0.0, contains an…
CVE-2026-22271 — CVSS 7.5 (high): Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive…
CVE-2024-22459 — CVSS 6.8 (medium): Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access control…
CVE-2026-26946 — CVSS 6.7 (medium): Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management…
CVE-2026-22274 — CVSS 6.5 (medium): Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive…
CVE-2023-25934 — CVSS 5.9 (medium): DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to…
CVE-2022-31231 — CVSS 5.9 (medium): Dell ECS, versions 3.5 and 3.6, contain an Improper Access Control in the Identity and Access Management (IAM) module. A remote…
CVE-2026-35157 — CVSS 5.8 (medium): Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula…
CVE-2025-43992 — CVSS 5.6 (medium): Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by…
CVE-2025-30483 — CVSS 5.5 (medium): Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability…
CVE-2026-22276 — CVSS 5.5 (medium): Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Storage of Sensitive…
CVE-2024-52534 — CVSS 5.4 (medium): Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker…
CVE-2024-30473 — CVSS 4.9 (medium): Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could…
CVE-2026-22275 — CVSS 4.4 (medium): Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Inclusion of Sensitive Information…
CVE-2024-38485 — CVSS 4.3 (medium): Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low-privileged attacker could potentially…
CVE-2025-26477 — CVSS 4.3 (medium): Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low privileged attacker with remote access could…
CVE-2025-26478 — CVSS 3.1 (low): Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent…