PT-2025-16951 · Dell · Dell Ecs
Published
2024-03-26
·
Updated
2025-04-19
·
CVE-2025-26478
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Dell ECS versions 3.8.1.4 and prior
Description
The issue is related to an Improper Certificate Validation, which could be exploited by an unauthenticated attacker with adjacent network access, potentially leading to information disclosure.
Recommendations
For Dell ECS versions 3.8.1.4 and prior, update to a version that contains a fix for this issue.
As a temporary workaround, consider restricting access to sensitive information and network resources to minimize the risk of exploitation.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Ecs