DSA-2025-242: Security Update for Dell ECS and Dell ObjectScale Insertion of Sensitive Information into Log File Vulnerability

Resumen: Dell ECS and Dell ObjectScale remediation is available for Insertion of Sensitive Information into Log File that could be exploited by malicious users to compromise the affected system. ...

Este artículo se aplica a: Este artículo no se aplica a: Este artículo no está vinculado a ningún producto específico. En este artículo no se identifican todas las versiones de los productos.

Impacto

Medium

Información adicional

This Security Advisory communicates vulnerabilities affecting ECS versions prior to 3.8.1.5 and ObjectScale version 4.0.0.0 only when data replication to external cloud targets is configured. To address these vulnerabilities, customers must upgrade to a remediated version.

Detalles

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-30483 Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-30483 Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recomienda que todos los clientes tengan en cuenta la puntuación base CVSS y las puntuaciones temporales o de entorno relevantes que puedan afectar a la posible gravedad asociada a una determinada vulnerabilidad de seguridad.

Productos afectados y corrección

Product Affected Versions Remediated Versions Link
Dell ECS Versions prior to 3.8.1.5 Version 3.8.1.5 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242
Dell ObjectScale Version 4.0.0.0 Version 4.0.0.1 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242

 

Product Affected Versions Remediated Versions Link
Dell ECS Versions prior to 3.8.1.5 Version 3.8.1.5 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242
Dell ObjectScale Version 4.0.0.0 Version 4.0.0.1 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242

 

Note:

  1. Dell recommends all customers have their ObjectScale/ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request.
  2. Please visit the Security Update Release Schedule for Supported Versions of ObjectScale (formerly ECS) for more information regarding upcoming security releases.

Soluciones alternativas y mitigaciones

None

Historial de revisiones

RevisionDateDescription
1.02025-07-11Initial Release
2.02025-07-30Expanded product tagging
3.02026-01-15Added the 'Additional Details" section that clarifies when the vulnerability applies

 

Información relacionada

Productos afectados

ECS, ObjectScale, ECS Appliance, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ObjectScale Software with Encryption, ObjectScale Software without Encryption , ObjectScale Appliance Series, ObjectScale Software Series ...
Propiedades del artículo
Número de artículo: 000339124
Tipo de artículo: Dell Security Advisory
Última modificación: 15 ene 2026
Encuentra las respuestas que necesitas con la ayuda de otros usuarios de Dell
Servicios de asistencia
Comprueba si tu dispositivo está cubierto por los servicios de asistencia.