DSA-2021-172: Dell Isilon InsightIQ Security Update for a Proprietary Component Vulnerability

요약: Dell Isilon InsightIQ remediation is available for Proprietary Component that could be exploited by malicious users to compromise the affected systems.

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.

영향

High

세부 정보

Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector String
CVE-2021-36298 Dell Isilon InsightIQ, versions prior to 4.1.4, contain Risky Cryptographic Algorithm in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; Dell recommends customers to upgrade at the earliest opportunity. 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Proprietary Code CVE(s) Description CVSS Base Score CVSS Vector String
CVE-2021-36298 Dell Isilon InsightIQ, versions prior to 4.1.4, contain Risky Cryptographic Algorithm in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; Dell recommends customers to upgrade at the earliest opportunity. 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Dell Technologies는 모든 고객이 CVSS 기본 점수와 관련 임시 및 환경 점수를 모두 고려할 것을 권장합니다. 이 경우 특정 보안 취약성과 관련된 잠재적인 심각도에 영향을 미칠 수 있습니다.

영향을 받는 제품 및 문제 해결

CVE(s) Addressed Product Affected Version(s) Updated Version(s) Link to Update
CVE-2021-36298 Isilon InsightIQ 4.1.3.88 4.1.4.57
 
https://www.dell.com/support/home/en-in/product-support/product/isilon-insightiq/drivers
Select Version 4.1.4 and Package based on requirement.
  1. Isilon InsightIQ 4.1.4 Installation File for Linux Computers
  2. Isilon InsightIQ 4.1.4 Installation File for Other Supported VMware Products
  3. Isilon InsightIQ 4.1.4 Installation File for VMware ESX, VMware ESXi, or VMware Workstation
  4. Isilon InsightIQ 4.1.4 Patch file for Linux computers
CVE(s) Addressed Product Affected Version(s) Updated Version(s) Link to Update
CVE-2021-36298 Isilon InsightIQ 4.1.3.88 4.1.4.57
 
https://www.dell.com/support/home/en-in/product-support/product/isilon-insightiq/drivers
Select Version 4.1.4 and Package based on requirement.
  1. Isilon InsightIQ 4.1.4 Installation File for Linux Computers
  2. Isilon InsightIQ 4.1.4 Installation File for Other Supported VMware Products
  3. Isilon InsightIQ 4.1.4 Installation File for VMware ESX, VMware ESXi, or VMware Workstation
  4. Isilon InsightIQ 4.1.4 Patch file for Linux computers

해결 방법 및 완화 방안

None

개정 내역

RevisionDateDescription
0.12021-09-17Initial Release.

관련 정보

해당 제품

Product Security Information
문서 속성
문서 번호: 000191604
문서 유형: Dell Security Advisory
마지막 수정 시간: 18 9월 2025
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.