Article Number: 000220057
DSA-2023-442: Security Update for Dell PowerFlex appliance Multiple Third-Party Component Vulnerabilities
Summary: Dell PowerFlex appliance remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
Critical
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| Dell PowerEdge Server BIOS | CVE-2021-26345, CVE-2023-20566, CVE-2021-46774, CVE-2022-23820, CVE-2022-23830, CVE-2023-20519, CVE-2023-20521, CVE-2023-20526, CVE-2023-20533, CVE-2021-46766 | DSA-2023-355 |
| VMware vCenter | CVE-2023-34048, CVE-2023-34056 | VMSA-2023-0023 |
| Apache ActiveMQ | CVE-2023-46604 | ActiveMQ Apache |
Affected Products and Remediation
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| PowerFlex appliance |
Intelligent Catalogue (IC) | Versions prior to 45.373.01 | Version 45.373.01 | IC release |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| PowerFlex appliance |
Intelligent Catalogue (IC) | Versions prior to 45.373.01 | Version 45.373.01 | IC release |
In the case of manual upgrade for PowerFlex appliance, please see this link: https://www.dell.com/support/home/product-support/product/powerflex-appliance-int-ca-sw/drivers
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-11-30 | Initial Release |
| 2.0 | 2023-12-01 | Updated for enhanced presentation with no changes to content. |
| 3.0 | 2023-12-01 | Updated Affected Products and Remediation Section |
| 4.0 | 2023-12-06 | Updated Affected Products and Remediation Section |
Related Information
Legal Information
Article Properties
Affected Product
PowerFlex Appliance, PowerFlex appliance Intelligent Catalog Software
Last Published Date
06 Dec 2023
Version
4
Article Type
Dell Security Advisory