DSA-2021-123: Dell PowerScale OneFS Security Update for multiple vulnerabilities
Summary: Dell PowerScale OneFS remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.
Impact
Critical
Details
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21567 | Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege. Since this also affects Compliance mode, this is a critical vulnerability and Dell recommends upgrading at the earliest opportunity. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |

| Third-party Component | CVE | More information |
| Python | CVE-2021-3177 | See Advisory: Python Issue 42938 |
Affected Products and Remediation
| CVEs Addressed | Affected Versions | Updated Versions | Link to Update |
| CVE-2021-3177 | 8.1.x, 8.2x, 9.0.0.x, and 9.2.0 | Upgrade your version of OneFS | PowerScale Downloads Area |
| CVE-2021-3177 | 8.1.2, 8.2.2, and 9.1.0.x | Download and install the relevant GA-RUP_2021-06 | |
| CVE-2021-21567 | 9.0.0.x | Upgrade your version of OneFS | |
| CVE-2021-21567 | 9.1.0.x | Download and install the relevant GA-RUP_2021-06 | |
Revision History
| Revision | Date | Description |
| 1.0 | 2021-07-12 | Initial Release |
Affected Products
PowerScale OneFS, Product Security Information
Article Properties
Article Number: 000189495
Article Type: Dell Security Advisory
Last Modified: 15 Feb 2022