Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000198344

DSA-2022-090: Dell EMC Cloud Tiering Appliance Security Update for polkit pkexec (PwnKit) Privilege Escalation Vulnerability

Summary: Dell EMC Cloud Tiering Appliance contains remediation for polkit pkexec (PwnKit) Privilege Escalation vulnerability that may be exploited by malicious users to compromise the affected system. ...

Article Content

Impact

Medium

Details

Third-party Component
 		 CVE More information
polkit CVE-2021-4034 https://www.suse.com/security/cve/CVE-2021-4034.html
Third-party Component
 		 CVE More information
polkit CVE-2021-4034 https://www.suse.com/security/cve/CVE-2021-4034.html
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVE Addressed Product Affected Versions Updated Versions Link to Update
CVE-2021-4034 Cloud Tiering Appliance
 		 Versions 13.0.0.0.16 and later
Versions 13.1.0.2.18 and later		 fix_for_pkexec_vulnerability.patch For CTA and CTA-HA:
https://www.dell.com/support/home/en-in/product-support/product/cloud-tiering-appliance/drivers
For CTA/VE and CTA-HA/VE:
https://www.dell.com/support/home/en-in/product-support/product/cloud-tiering-applianceve/drivers
CVE Addressed Product Affected Versions Updated Versions Link to Update
CVE-2021-4034 Cloud Tiering Appliance
 		 Versions 13.0.0.0.16 and later
Versions 13.1.0.2.18 and later		 fix_for_pkexec_vulnerability.patch For CTA and CTA-HA:
https://www.dell.com/support/home/en-in/product-support/product/cloud-tiering-appliance/drivers
For CTA/VE and CTA-HA/VE:
https://www.dell.com/support/home/en-in/product-support/product/cloud-tiering-applianceve/drivers

Workarounds and Mitigations

Apply the security patch mentioned above.

Revision History

RevisionDateDescription
1.02022-04-12Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

Cloud Tiering Appliance, Cloud Tiering Appliance Platform, Product Security Information

Last Published Date

12 Apr 2022

Version

1

Article Type

Dell Security Advisory

Back to Top