DSA-2025-242: Security Update for Dell ECS and Dell ObjectScale Insertion of Sensitive Information into Log File Vulnerability

Oversigt: Dell ECS and Dell ObjectScale remediation is available for Insertion of Sensitive Information into Log File that could be exploited by malicious users to compromise the affected system. ...

Denne artikel gælder for Denne artikel gælder ikke for Denne artikel er ikke knyttet til et bestemt produkt. Det er ikke alle produktversioner, der er identificeret i denne artikel.
Udforsk andre ressourcer

Virkning

Medium

Yderligere oplysninger

This Security Advisory communicates vulnerabilities affecting ECS versions prior to 3.8.1.5 and ObjectScale version 4.0.0.0 only when data replication to external cloud targets is configured. To address these vulnerabilities, customers must upgrade to a remediated version.

Oplysninger

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-30483 Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

 

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2025-30483 Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies anbefaler, at alle kunder tager hensyn til både CVSS-basisresultatet og alle relevante tidsmæssige og miljømæssige resultater, som kan have betydning for den potentielle alvorsgrad, der er forbundet med en bestemt sikkerhedsrisiko.

Berørte produkter og udbedring

Product Affected Versions Remediated Versions Link
Dell ECS Versions prior to 3.8.1.5 Version 3.8.1.5 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242
Dell ObjectScale Version 4.0.0.0 Version 4.0.0.1 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242

 

Product Affected Versions Remediated Versions Link
Dell ECS Versions prior to 3.8.1.5 Version 3.8.1.5 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242
Dell ObjectScale Version 4.0.0.0 Version 4.0.0.1 or later Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242

 

Note:

  1. Dell recommends all customers have their ObjectScale/ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request.
  2. Please visit the Security Update Release Schedule for Supported Versions of ObjectScale (formerly ECS) for more information regarding upcoming security releases.

Løsninger og afhjælpninger

None

Revisionshistorik

RevisionDateDescription
1.02025-07-11Initial Release
2.02025-07-30Expanded product tagging
3.02026-01-15Added the 'Additional Details" section that clarifies when the vulnerability applies

 

Relaterede oplysninger

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Ansvarsfraskrivelse

Berørte produkter

ECS, ObjectScale, ECS Appliance, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ObjectScale Software with Encryption, ObjectScale Software without Encryption , ObjectScale Appliance Series, ObjectScale Software Series ...
Artikelegenskaber
Artikelnummer: 000339124
Artikeltype: Dell Security Advisory
Senest ændret: 15 jan. 2026
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.