Dell Unity: False Positive Security Scan for CVE-2021-28041 (User Correctable)
Summary: Vulnerability scanners may flag Dell Unity systems as vulnerable to CVE-2021-28041 (OpenSSH integer overflow). However, Dell Unity is not affected by this vulnerability. This is a false positive. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Vulnerability scanners may flag Dell Unity systems as vulnerable to CVE-2021-28041 (OpenSSH integer overflow). However, Dell Unity is not affected by this vulnerability.
This is a false positive.
Cause
CVE-2021-28041 was originally fixed in OpenSSH version 8.4p1-3.9.1.
Dell Unity OE (Operating Environment) utilizes OpenSSH packages (8.4p1.3.49.1) that include this fix. Because scanners often look for specific version strings rather than the presence of the fix itself, they may flag the system incorrectly.
Resolution
No action is required since Dell Unity OE version 5.5.3.0.5.057 (and other modern releases) includes OpenSSH 8.4p1-3.49.1, which contains the necessary security patches.
Affected Products
Dell EMC UnityArticle Properties
Article Number: 000457410
Article Type: Solution
Last Modified: 26 أبريل 2026
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.