PT-2026-31304 · Dell · Dell Elastic Cloud Storage+1
Published
2026-04-06
·
Updated
2026-04-12
·
CVE-2026-28261
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell Elastic Cloud Storage versions 3.8.1.7 and prior
Dell ObjectScale versions prior to 4.1.0.3 and version 4.2.0.0
Description
Dell Elastic Cloud Storage and Dell ObjectScale contain a flaw where sensitive information may be inserted into log files. A local attacker with low privileges could potentially exploit this, leading to secret exposure. An attacker may be able to use the exposed secret to access the vulnerable system with the privileges of the compromised account.
Recommendations
Update Dell Elastic Cloud Storage to a version later than 3.8.1.7.
Update Dell ObjectScale to a version later than 4.1.0.3 and later than 4.2.0.0.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Elastic Cloud Storage
Dell Objectscale