Skip to main content

Dell AIOps Collector CVE-2026-32652

HIGH
Use of Default Credentials (CWE-1392)
2026-06-17 dell
7.8
CVSS 3.1 · Vendor: dell
Share

Severity by source

Vendor (dell) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Local console access required (AV:L) with a low-privileged account (PR:L); default credentials make complexity low (AC:L) and yield full filesystem control, so C/I/A all High.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (dell).

CVSS VectorVendor: dell

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 16:52 vuln.today

DescriptionCVE.org

Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.

AnalysisAI

Local privilege escalation in Dell AIOps Collector versions prior to 1.18.3 allows a low-privileged attacker with console access to obtain filesystem-level access by abusing default credentials shipped with fresh installations. The flaw only affects systems freshly installed at an earlier version; upgraded hosts are not impacted. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege console access to Collector host
Delivery
Identify fresh pre-1.18.3 AIOps Collector install
Exploit
Authenticate using default credentials
Execution
Escalate to filesystem-level access
Impact
Read/modify Collector data and stage further lateral movement

Vulnerability AssessmentAI

Exploitation Exploitation requires (1) the Collector host to be a fresh installation of a Dell AIOps Collector version earlier than 1.18.3 - hosts upgraded to 1.18.3+ are explicitly out of scope even if originally installed on a vulnerable version; (2) the attacker to already possess low-privilege console access to that host (CVSS AV:L, PR:L), which rules out purely remote/network-only exploitation; and (3) the default credentials on the Collector to remain unrotated since install. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 7.8 score with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H is consistent with the description: an attacker who already has low-privilege console (local) access can use known default credentials to escalate to full filesystem-level read/write, yielding high impact across C/I/A within an unchanged scope. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who already has a low-privilege local/console session on a server running a freshly installed Dell AIOps Collector older than 1.18.3 authenticates to the Collector using the known default credentials and pivots to filesystem-level access, allowing them to read sensitive telemetry/config (including any cached secrets or API tokens used to talk to monitored systems), modify Collector behavior, or stage further lateral movement. No public exploit identified at time of analysis, but CWE-1392 issues are typically trivial to weaponize once the default credential value is known.
Remediation Vendor-released patch: Dell AIOps Collector 1.18.3 - upgrade all affected fresh installations to 1.18.3 or later per Dell DSA-2026-231 (https://www.dell.com/support/kbdoc/en-in/000477931/dsa-2026-231-security-update-for-dell-aiops-collector-for-default-credential-vulnerability), which is the authoritative fix and which, once applied, persists across subsequent upgrades. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running Dell AIOps Collector prior to version 1.18.3 using inventory or asset management tools. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-32652 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy