DSA-2021-172: Dell Isilon InsightIQ Security Update for a Proprietary Component Vulnerability

상세한 문서

영향

세부 정보

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

요약: Dell Isilon InsightIQ remediation is available for Proprietary Component that could be exploited by malicious users to compromise the affected systems.

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.

High

Proprietary Code CVE(s)	Description	CVSS Base Score	CVSS Vector String
CVE-2021-36298	Dell Isilon InsightIQ, versions prior to 4.1.4, contain Risky Cryptographic Algorithm in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; Dell recommends customers to upgrade at the earliest opportunity.	8.1	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Proprietary Code CVE(s)	Description	CVSS Base Score	CVSS Vector String
CVE-2021-36298	Dell Isilon InsightIQ, versions prior to 4.1.4, contain Risky Cryptographic Algorithm in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; Dell recommends customers to upgrade at the earliest opportunity.	8.1	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Dell Technologies는 모든 고객이 CVSS 기본 점수와 관련 임시 및 환경 점수를 모두 고려할 것을 권장합니다. 이 경우 특정 보안 취약성과 관련된 잠재적인 심각도에 영향을 미칠 수 있습니다.

CVE(s) Addressed	Product	Affected Version(s)	Updated Version(s)	Link to Update
CVE-2021-36298	Isilon InsightIQ	4.1.3.88	4.1.4.57	https://www.dell.com/support/home/en-in/product-support/product/isilon-insightiq/drivers Select Version 4.1.4 and Package based on requirement. Isilon InsightIQ 4.1.4 Installation File for Linux Computers Isilon InsightIQ 4.1.4 Installation File for Other Supported VMware Products Isilon InsightIQ 4.1.4 Installation File for VMware ESX, VMware ESXi, or VMware Workstation Isilon InsightIQ 4.1.4 Patch file for Linux computers

CVE(s) Addressed	Product	Affected Version(s)	Updated Version(s)	Link to Update
CVE-2021-36298	Isilon InsightIQ	4.1.3.88	4.1.4.57	https://www.dell.com/support/home/en-in/product-support/product/isilon-insightiq/drivers Select Version 4.1.4 and Package based on requirement. Isilon InsightIQ 4.1.4 Installation File for Linux Computers Isilon InsightIQ 4.1.4 Installation File for Other Supported VMware Products Isilon InsightIQ 4.1.4 Installation File for VMware ESX, VMware ESXi, or VMware Workstation Isilon InsightIQ 4.1.4 Patch file for Linux computers

None

Revision	Date	Description
0.1	2021-09-17	Initial Release.

Product Security Information

문서 번호: 000191604

문서 유형: Dell Security Advisory

마지막 수정 시간: 18 9월 2025

디바이스에 지원 서비스가 적용되는지 확인하십시오.