DSA-2024-497: Dell PowerStore T Security Update for Multiple Vulnerabilities
Zusammenfassung: Dell PowerStore Family remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
Dieser Artikel gilt für
Dieser Artikel gilt nicht für
Dieser Artikel ist nicht an ein bestimmtes Produkt gebunden.
In diesem Artikel werden nicht alle Produktversionen aufgeführt.
Auswirkungen
High
Details
| Third-party Component | CVEs | More Information |
| bind | CVE-2024-1975, CVE-2024-1737 | See NVD link below for individual scores for each CVE. |
| bouncycastle | CVE-2024-30172, CVE-2024-30171, CVE-2024-29857, CVE-2023-33202 | See NVD link below for individual scores for each CVE. |
| cni | CVE-2024-1753 | See NVD link below for individual scores for each CVE. |
| commons-compress | CVE-2024-26308, CVE-2024-25710 | See NVD link below for individual scores for each CVE. |
| containerd | CVE-2023-45288 | See NVD link below for individual scores for each CVE. |
| giflib | CVE-2023-48161, CVE-2022-28506, CVE-2021-40633 | See NVD link below for individual scores for each CVE. |
| glibc | CVE-2024-33601, CVE-2024-33602, CVE-2024-2961, CVE-2024-33600, CVE-2024-33599 | See NVD link below for individual scores for each CVE. |
| hsqldb | CVE-2022-4185 | See NVD link below for individual scores for each CVE. |
| idna | CVE-2024-3651 | See NVD link below for individual scores for each CVE. |
| kernel | CVE-2024-40937, CVE-2021-0129, CVE-2020-26558, CVE-2022-48821, CVE-2024-41011, CVE-2021-47598, CVE-2021-47580, CVE-2021-47219, CVE-2023-52686, CVE-2024-38559, CVE-2024-39494, CVE-2024-41069, CVE-2024-42145, CVE-2024-41059, CVE-2023-52885, CVE-2022-48792, CVE-2024-41090, CVE-2021-47291, CVE-2021-47126, CVE-2021-47506, CVE-2021-47520, CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2021-47600, CVE-2024-36974 | See NVD link below for individual scores for each CVE. |
| krb5 | CVE-2024-37371, CVE-2024-37370 | See NVD link below for individual scores for each CVE. |
| libgpg-erro0 | CVE-2024-28180 | See NVD link below for individual scores for each CVE. |
| libuv1 | CVE-2023-50387, CVE-2023-50868, CVE-2023-6516, CVE-2023-4408, CVE-2023-5517 | See NVD link below for individual scores for each CVE. |
| lxml | CVE-2022-2309 | See NVD link below for individual scores for each CVE. |
| module-tools | CVE-2023-23559 | See NVD link below for individual scores for each CVE. |
| OpenJDK | CVE-2024-21131, CVE-2024-21140, CVE-2024-21144, CVE-2024-21147, CVE-2024-21138, CVE-2024-21145 | See NVD link below for individual scores for each CVE. |
| OpenSSL | CVE-2024-5535 | See NVD link below for individual scores for each CVE. |
| pip | CVE-2021-3572, CVE-2023-5752 | See NVD link below for individual scores for each CVE. |
| podman | CVE-2024-3727 | See NVD link below for individual scores for each CVE. |
| Python-pycryptodome | CVE-2023-52323 | See NVD link below for individual scores for each CVE. |
| Python-requests | CVE-2023-32681 | See NVD link below for individual scores for each CVE. |
| Python-setuptools | CVE-2024-6345 | See NVD link below for individual scores for each CVE. |
| xen | CVE-2024-31146, CVE-2024-31145 | See NVD link below for individual scores for each CVE. |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2024-51532 | Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files. | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2024-51532 | Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files. | 7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
Betroffene Produkte und Korrektur
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| PowerStore 500T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-500t/drivers |
| PowerStore 1000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-1000t/drivers |
| PowerStore 1200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-1200t/drivers |
| PowerStore 3000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-3000t/drivers |
| PowerStore 3200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-3200t/drivers |
| PowerStore 5000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-5000t/drivers |
| PowerStore 5200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-5200t/drivers |
| PowerStore 7000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-7000t/drivers |
| PowerStore 9000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-9000t/drivers |
| PowerStore 9200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-9200t/drivers |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| PowerStore 500T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-500t/drivers |
| PowerStore 1000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-1000t/drivers |
| PowerStore 1200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-1200t/drivers |
| PowerStore 3000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-3000t/drivers |
| PowerStore 3200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-3200t/drivers |
| PowerStore 5000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-5000t/drivers |
| PowerStore 5200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-5200t/drivers |
| PowerStore 7000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-7000t/drivers |
| PowerStore 9000T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-9000t/drivers |
| PowerStore 9200T | PowerStoreT OS | Versions prior to 3.6.1.4-2413340 | Version 3.6.1.4-2413340 or later | https://www.dell.com/support/home/product-support/product/powerstore-9200t/drivers |
Revisionsverlauf
| Revision | Date | Description |
| 1.0 | 2024-12-19 | Initial Release |
Zugehörige Informationen
Rechtlicher Hinweis
Betroffene Produkte
PowerStore 3200T, PowerStore 500T, PowerStore 5200T, PowerStore 9200TArtikeleigenschaften
Artikelnummer: 000261519
Artikeltyp: Dell Security Advisory
Zuletzt geändert: 19 Dez. 2024
Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen
Support Services
Prüfen Sie, ob Ihr Gerät durch Support Services abgedeckt ist.