CVE-2026-21417

Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.dell.com/support/kbdoc/en-us/000419894/dsa-2026-025-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:dell:cloudboost_virtual_appliance:*:*:*:*:*:*:*:*

History

06 Feb 2026, 20:07

Type	Values Removed	Values Added
First Time		Dell cloudboost Virtual Appliance Dell
CPE		cpe:2.3:a:dell:cloudboost_virtual_appliance::::::::
References	~~() https://www.dell.com/support/kbdoc/en-us/000419894/dsa-2026-025-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities -~~	() https://www.dell.com/support/kbdoc/en-us/000419894/dsa-2026-025-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities - Vendor Advisory

27 Jan 2026, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-27 10:15

Updated : 2026-02-06 20:07

NVD link : CVE-2026-21417

Mitre link : CVE-2026-21417

CVE.ORG link : CVE-2026-21417

JSON object : View

Products Affected

dell

cloudboost_virtual_appliance

CWE

CWE-256

Plaintext Storage of a Password

7.0 /10