DSA-2025-072: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities

摘要: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影响

详情

受影响的产品和补救措施

修订历史记录

法律免责声明

受影响的产品

提供反馈

本文适用于本文不适用于本文并非针对某种特定的产品。本文并非包含所有产品版本。

查看其他资源

影响

High

详情

Third-Party Component	CVEs	More information
BIOS	CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985	https://nvd.nist.gov/
iDRAC	CVE-2023-52340, CVE-2024-42154	https://nvd.nist.gov/

Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数，这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985, CVE-2023-52340, CVE-2024-42154	PowerScale F210	PowerScale Node Firmware Package	Versions prior to 12.4.2	Version 12.4.2 or later	PowerScale OneFS Downloads Area
CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985, CVE-2023-52340, CVE-2024-42154	PowerScale F710	PowerScale Node Firmware Package	Versions prior to 12.4.2	Version 12.4.2 or later	PowerScale OneFS Downloads Area
CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985, CVE-2023-52340, CVE-2024-42154	PowerScale F910	PowerScale Node Firmware Package	Versions prior to 12.4.2	Version 12.4.2 or later	PowerScale OneFS Downloads Area

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985, CVE-2023-52340, CVE-2024-42154	PowerScale F210	PowerScale Node Firmware Package	Versions prior to 12.4.2	Version 12.4.2 or later	PowerScale OneFS Downloads Area
CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985, CVE-2023-52340, CVE-2024-42154	PowerScale F710	PowerScale Node Firmware Package	Versions prior to 12.4.2	Version 12.4.2 or later	PowerScale OneFS Downloads Area
CVE-2024-21853, CVE-2024-25565, CVE-2024-22185, CVE-2024-24985, CVE-2023-52340, CVE-2024-42154	PowerScale F910	PowerScale Node Firmware Package	Versions prior to 12.4.2	Version 12.4.2 or later	PowerScale OneFS Downloads Area

Note:

We encourage all customers to upgrade to the remediated versions, if an upgrade is not feasible, we recommend customers to review the CVE details further to more accurately determine potential risk to their environment.
To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 12.4.2 Release Notes documented in Firmware - PowerScale Info Hub.
Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades when upgrading from PowerScale OneFS versions lower than: 9.4.0.19, 9.5.1.0, 9.7.1.0, 9.8.0.1, 9.9.0.0.

修订历史记录

Revision	Date	Description
1.0	2025-02-11	Initial Release
2.0	2025-07-23	Updated for enhance presentation

法律免责声明

受影响的产品

PowerScale F210, PowerScale F710, PowerScale F910

文章编号: 000283880

文章类型: Dell Security Advisory

上次修改时间: 23 7月 2025

DSA-2025-072: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities

摘要: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

DSA-2025-072: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities

摘要: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

详细文章

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务