DSA-2025-152: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Acest articol se aplică pentru Acest articol nu se aplică pentru Acest articol nu este legat de un produs specific. Acest articol nu acoperă toate versiunile de produs existente.
Consultați alte resurse

Impact

Critical

Details

Third-party Component CVEs More Information
VMware ESXi 8.0.3 and vCenter Server 8.0.3 CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 VMSA-2025-0010This hyperlink is taking you to a website outside of Dell Technologies.
vCenter Server 8.0.3 Security Updates CVE-2022-48554, CVE-2023-49582,CVE-2023-5388,CVE-2024-0743,CVE-2024-0760,CVE-2024-1737,CVE-2024-1975,CVE-2024-24557,CVE-2024-26458,CVE-2024-26461,CVE-2024-26857,CVE-2024-26885,CVE-2024-26898,CVE-2024-26921,CVE-2024-27072,CVE-2024-34397,CVE-2024-34750,CVE-2024-35965,CVE-2024-35973,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-4076,CVE-2024-41073,CVE-2024-4317,CVE-2024-43790,CVE-2024-43802,CVE-2024-43829,CVE-2024-44931,CVE-2024-45306,CVE-2024-46695,CVE-2024-46854,CVE-2024-47672,CVE-2024-47674,CVE-2024-47814,CVE-2024-49955,CVE-2024-49959,CVE-2024-49967,CVE-2024-49973,CVE-2024-49975,CVE-2024-49983,CVE-2024-49993,CVE-2024-50001,CVE-2024-50006,CVE-2024-50008,CVE-2024-50010,CVE-2024-50015,CVE-2024-50024,CVE-2024-50039,CVE-2024-50040,CVE-2024-50044,CVE-2024-50045,CVE-2024-50046,CVE-2024-50049,CVE-2024-50058,CVE-2024-50072,CVE-2024-50082,CVE-2024-50083,CVE-2024-50095,CVE-2024-50115,CVE-2024-50117,CVE-2024-50131,CVE-2024-50134,CVE-2024-50142,CVE-2024-50148,CVE-2024-50167,CVE-2024-50179,CVE-2024-50185,CVE-2024-50201,CVE-2024-50202,CVE-2024-50228,CVE-2024-50237,CVE-2024-50251,CVE-2024-50262,CVE-2024-6119,CVE-2024-6197,CVE-2024-6345,CVE-2024-7348,CVE-2024-9681, CVE-2024-42322,CVE-2024-44987,CVE-2024-44998,CVE-2024-44999,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492,CVE-2024-6923,CVE-2024-7264, CVE-2024-2397, CVE-2024-23807, CVE-2023-52323 https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-appliance-photonos-security-patches.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 DSA-2025-085

Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

 CVE-2024-24852, CVE-2024-36274 DSA-2025-042

Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.3 IPU)

 CVE-2024-25565 DSA-2024-308

Security Update for Dell iDRAC9 Vulnerabilities

 CVE-2023-52340, CVE-2024-42154 DSA-2024-460
Security Update for Dell AMD-based PowerEdge Server Vulnerabilities CVE-2024-21944 DSA-2024-404
Dell PowerEdge Server Security Update for Intel® Processor Vulnerabilities CVE-2024-21853 DSA-2024-383
SUSE Updates CVE-2025-22868, CVE-2025-22869 https://www.suse.com/This hyperlink is taking you to a website outside of Dell Technologies.
SQLite CVE-2023-7104 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
CPython CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
OpenSSL CVE-2024-2511 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
urllib3 CVE-2024-37891 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python-Requests CVE-2023-32681 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
XZ Utils CVE-2024-47611, CVE-2020-22916 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Produse afectate și măsuri de remediere

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions 8.0.000 through 8.0.322 Version 8.0.330 or later https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions 8.0.000 through 8.0.322 Version 8.0.330 or later https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Soluții alternative și strategii de atenuare

CVE ID Workaround and Mitigation
CVE-2023-48795 https://www.dell.com/support/kbdoc/en-us/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance

 

Revision History

Revision DateDescription
1.02025-04-30Initial Release
2.02025-05-28Added CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 pertaining to VMSA-2025-0010 and mitigation for CVE-2023-48795

 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Exonerare de răspundere

Produse afectate

VxRail, VMware, VxRail Appliance Series
Proprietăți articol
Article Number: 000314560
Article Type: Dell Security Advisory
Ultima modificare: 28 mai 2025
Găsiți răspunsuri la întrebările dvs. de la alți utilizatori Dell
Servicii de asistență
Verificați dacă dispozitivul dvs. este acoperit de serviciile de asistență.