Amund Tenstad

**Name of the Vulnerable Software and Affected Versions** Dell ECS versions 3.6 through 3.6.2.5 Dell ECS versions 3.7 through 3.7.0.6 Dell ECS versions 3.8 through 3.8.0.4 **Description** The issue is related to an improper access control vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to all buckets and their data within a namespace. **Recommendations** For versions 3.6 through 3.6.2.5, update to a version later than 3.6.2.5 to resolve the issue. For versions 3.7 through 3.7.0.6, update to a version later than 3.7.0.6 to resolve the issue. For versions 3.8 through 3.8.0.4, update to a version later than 3.8.0.4 to resolve the issue. As a temporary workaround, consider restricting access to sensitive buckets and their data within a namespace until a patch is available.