DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

Shrnutí: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Tento článek se vztahuje na Tento článek se nevztahuje na Tento článek není vázán na žádný konkrétní produkt. V tomto článku nejsou uvedeny všechny verze produktu.
Podívejte se na další zdroje

Vliv

Critical

Podrobnosti

Third-Party Component CVEs More information
Dell PowerEdge Server BIOS CVE-2024-28047, CVE-2024-36293, CVE-2024-39279, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2024-28956, CVE-2024-31068, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044 DSA-2025-041, DSA-2025-042, DSA-2025-156, DSA-2025-297, DSA-2024-381, DSA-2025-038
Dell Remote Access Controller (iDRAC) CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-26466, CVE-2024-480, CVE-2025-22397

DSA-2025-146, DSA-2025-156, DSA-2025-376

 

Společnost Dell Technologies všem zákazníkům doporučuje vzít v úvahu základní hodnocení CVSS i všechna související hodnocení v daném čase a prostředí, která mohou mít vliv na potenciální závažnost dané konkrétní bezpečnostní hrozby.

Dotčené produkty a náprava

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale F200 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale F600 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale F900 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale B100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale P100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466,  CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F210 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F710 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F910 PowerScale Node Firmware Package  Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area

 

 

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale F200 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale F600 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale F900 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale B100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397 PowerScale P100 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466,  CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F210 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F710 PowerScale Node Firmware Package Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397 PowerScale F910 PowerScale Node Firmware Package  Versions prior to 13.1.3 Version 13.1.3 or later PowerScale OneFS Downloads Area

 

 

Notes:

  1. We encourage all customers to upgrade to the remediated versions. If an upgrade is not feasible, customers should review the CVE details to determine potential risk to their environments.
  2. To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in  PowerScale Node Firmware Package 13.1.3 Release Notes documented in Firmware - PowerScale Info Hub.
  3. Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades on version prior to 9.9.0.0.

Zástupná řešení a opatření pro zmírnění rizik

None

Historie změn

RevisionDateDescription
1.02025-10-14Initial Release
2.02026-02-25Updated to include CVE-2025-22397

 

Související informace

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Právní upozornění

Dotčené produkty

PowerScale OneFS, PowerScale B100, PowerScale F200, PowerScale F210, PowerScale F600, PowerScale F710, PowerScale F900, PowerScale F910, PowerScale P100
Vlastnosti článku
Číslo článku: 000363693
Typ článku: Dell Security Advisory
Poslední úprava: 25 úno 2026
Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell
Služby podpory
Zkontrolujte, zda se na vaše zařízení vztahují služby podpory.