Dell Elastic Cloud Storage, version 3.8.1.7 and prior, and Dell ObjectScale, versions prior to 4.1.0.3 and version 4.2.0.0, contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to secret exposure. The attacker may be able to use the exposed secret to access the vulnerable system with privileges of the compromised account.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HDell Elastic Cloud Storage
APPDell< 4.2.0.1Dell Objectscale
APPDell4.2.0.0< 4.1.0.3
Related vulnerabilities
Dell ECS / ObjectScale — podatność hard-coded credentials umożliwiająca dostęp do systemu plików
EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability that could pot...
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of...
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Clearte...
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key...