DSA-2021-123: Dell PowerScale OneFS Security Update for multiple vulnerabilities
摘要: Dell PowerScale OneFS remediation is available for multiple vulnerabilities that may be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21567 | Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege. Since this also affects Compliance mode, this is a critical vulnerability and Dell recommends upgrading at the earliest opportunity. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Third-party Component | CVE | More information |
| Python | CVE-2021-3177 | See Advisory: Python Issue 42938 |
| Proprietary Code CVE | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21567 | Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may allow an authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE to elevate privilege. Since this also affects Compliance mode, this is a critical vulnerability and Dell recommends upgrading at the earliest opportunity. | 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Third-party Component | CVE | More information |
| Python | CVE-2021-3177 | See Advisory: Python Issue 42938 |
受影響的產品與補救措施
| CVEs Addressed | Affected Versions | Updated Versions | Link to Update |
| CVE-2021-3177 | 8.1.x, 8.2x, 9.0.0.x, and 9.2.0 | Upgrade your version of OneFS | PowerScale Downloads Area |
| 8.1.2, 8.2.2, and 9.1.0.x | Download and install the relevant GA-RUP_2021-06 | ||
| CVE-2021-21567 | 9.0.0.x | Upgrade your version of OneFS | |
| 9.1.0.x | Download and install the relevant GA-RUP_2021-06 |
| CVEs Addressed | Affected Versions | Updated Versions | Link to Update |
| CVE-2021-3177 | 8.1.x, 8.2x, 9.0.0.x, and 9.2.0 | Upgrade your version of OneFS | PowerScale Downloads Area |
| 8.1.2, 8.2.2, and 9.1.0.x | Download and install the relevant GA-RUP_2021-06 | ||
| CVE-2021-21567 | 9.0.0.x | Upgrade your version of OneFS | |
| 9.1.0.x | Download and install the relevant GA-RUP_2021-06 |
修訂歷史記錄
| Revision | Date | Description |
| 1.0 | 2021-07-12 | Initial Release |
相關資訊
法律免責聲明
受影響的產品
PowerScale OneFS, Product Security Information文章屬性
文章編號: 000189495
文章類型: Dell Security Advisory
上次修改時間: 15 2月 2022
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。