Dell AIOps Collector Hard-Coded Default Credentials Allow Unauthorized Filesystem Access (CVE-2026-32652)

Scope: Dell AIOps Collector Versions Prior to 1.18.3 (Fresh Installations Only)

Severity: High

Dell AIOps Collector versions prior to 1.18.3, when freshly installed rather than upgraded, ship with hard-coded or well-known default credentials that a low-privileged attacker with physical or console access can use to authenticate directly to the underlying filesystem, reading sensitive configuration files, application data, and operational information, and potentially modifying files depending on filesystem permissions. The exposure facilitates lateral movement to connected monitoring and infrastructure systems, privilege escalation, and disruption of AIOps-dependent observability services. Organizations should upgrade to Dell AIOps Collector 1.18.3 immediately (note that upgraded systems are not affected even if originally installed from a vulnerable version), change default credentials immediately during all future fresh installations, enforce strict physical and console access controls to hosting servers, and audit local authentication logs for unauthorized login attempts.

The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.