CVE-2026-22274
Unknown
Unknown - Not Provided
Cleartext Transmission Vulnerability in Dell ECS and ObjectScale
Publication date: 2026-01-23
Last updated on: 2026-02-18
Assigner: Dell
Description
Description
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could potentially exploit this vulnerability to intercept and modify information in transit.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dell | elastic_cloud_storage | From 3.8.1.0 (inc) to 4.2.0.0 (exc) |
| dell | objectscale | to 4.2.0.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.2.0.0. It involves the cleartext transmission of sensitive information in the Fabric Syslog. An unauthenticated attacker with remote access could potentially intercept and modify information being transmitted.
How can this vulnerability impact me? :
The vulnerability could allow an unauthenticated remote attacker to intercept and modify sensitive information transmitted in cleartext, potentially leading to information disclosure and data integrity issues.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70