DSA-2025-242: Security Update for Dell ECS and Dell ObjectScale Insertion of Sensitive Information into Log File Vulnerability
Resumen: Dell ECS and Dell ObjectScale remediation is available for Insertion of Sensitive Information into Log File that could be exploited by malicious users to compromise the affected system. ...
Este artículo se aplica a:
Este artículo no se aplica a:
Este artículo no está vinculado a ningún producto específico.
En este artículo no se identifican todas las versiones de los productos.
Impacto
Medium
Información adicional
This Security Advisory communicates vulnerabilities affecting ECS versions prior to 3.8.1.5 and ObjectScale version 4.0.0.0 only when data replication to external cloud targets is configured. To address these vulnerabilities, customers must upgrade to a remediated version.
Detalles
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-30483 | Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2025-30483 | Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contains an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | 5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Productos afectados y corrección
| Product | Affected Versions | Remediated Versions | Link |
| Dell ECS | Versions prior to 3.8.1.5 | Version 3.8.1.5 or later | Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242 |
| Dell ObjectScale | Version 4.0.0.0 | Version 4.0.0.1 or later | Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242 |
| Product | Affected Versions | Remediated Versions | Link |
| Dell ECS | Versions prior to 3.8.1.5 | Version 3.8.1.5 or later | Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242 |
| Dell ObjectScale | Version 4.0.0.0 | Version 4.0.0.1 or later | Open a Service Request for an Operating Environment Upgrade and Quote DSA-2025-242 |
Note:
- Dell recommends all customers have their ObjectScale/ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request.
- Please visit the Security Update Release Schedule for Supported Versions of ObjectScale (formerly ECS) for more information regarding upcoming security releases.
Soluciones alternativas y mitigaciones
None
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2025-07-11 | Initial Release |
| 2.0 | 2025-07-30 | Expanded product tagging |
| 3.0 | 2026-01-15 | Added the 'Additional Details" section that clarifies when the vulnerability applies |
Información relacionada
Aviso legal
Productos afectados
ECS, ObjectScale, ECS Appliance, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ObjectScale Software with Encryption, ObjectScale Software without Encryption
, ObjectScale Appliance Series, ObjectScale Software Series
...
Propiedades del artículo
Número de artículo: 000339124
Tipo de artículo: Dell Security Advisory
Última modificación: 15 ene 2026
Encuentra las respuestas que necesitas con la ayuda de otros usuarios de Dell
Servicios de asistencia
Comprueba si tu dispositivo está cubierto por los servicios de asistencia.