Description
Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
Published: 2026-06-17
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Dell AIOps Collector versions prior to 1.18.3 allow an attacker with low‑privileged console access to use default credentials and obtain filesystem access. This compromise can enable the attacker to read or modify files owned by the Collector process, potentially leading to further escalation or data exposure.

Affected Systems

Dell AIOps Collector installations earlier than version 1.18.3 that have not been upgraded. Fresh installations of those versions are impacted; systems upgraded to 1.18.3 or later are safe.

Risk and Exploitability

The CVSS score of 7.8 reflects significant impact but the EPSS score of less than 1% indicates a low expected exploitation rate. The vulnerability is not listed in CISA's KEV catalog. The attack requires local console access and a low‑privileged user account, making it a local privilege‑escalation style flaw rather than remote. The risk is therefore moderate but still actionable given the potential for data compromise.

Generated by OpenCVE AI on June 18, 2026 at 18:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Dell AIOps Collector to version 1.18.3 or later.
  • Configure Collector to use strong, unique admin credentials instead of default ones.
  • Limit console access to authorized administrators and monitor for unauthorized logins.

Generated by OpenCVE AI on June 18, 2026 at 18:44 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Title Default Credentials Allow Local Filesystem Access in Dell AIOps Collector

Thu, 18 Jun 2026 16:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Description Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
Weaknesses CWE-1392
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-06-18T15:24:47.349Z

Reserved: 2026-03-12T17:04:27.868Z

Link: CVE-2026-32652

cve-icon Vulnrichment

Updated: 2026-06-18T15:24:30.495Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T18:45:03Z

Weaknesses