CVE-2026-22271
Unknown
Unknown - Not Provided
Cleartext Transmission Vulnerability in Dell ECS and ObjectScale
Publication date: 2026-01-23
Last updated on: 2026-02-18
Assigner: Dell
Description
Description
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information exposure.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | elastic_cloud_storage | From 3.8.1.0 (inc) to 4.2.0.0 (exc) |
| dell | objectscale | to 4.2.0.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves Dell ECS (versions 3.8.1.0 through 3.8.1.7) and Dell ObjectScale (versions prior to 4.2.0.0) transmitting sensitive information in cleartext. An unauthenticated attacker with remote access could exploit this to gain access to sensitive information.
How can this vulnerability impact me? :
Exploitation of this vulnerability could lead to exposure of sensitive information, potentially compromising confidentiality, integrity, and availability of data and systems.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70