CVE-2025-26478 LOW

CVE-2025-26478

Vendor Dell
Product ECS
Weakness CWE-295
Published April 17, 2025
Last update April 17, 2025

CVSS base score

3.1/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.

Key dates

02Disclosure timeline

April 17, 2025 CVE published
April 17, 2025 Record updated