DSA-2025-215: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities
Zusammenfassung: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Dieser Artikel gilt für
Dieser Artikel gilt nicht für
Dieser Artikel ist nicht an ein bestimmtes Produkt gebunden.
In diesem Artikel werden nicht alle Produktversionen aufgeführt.
Auswirkungen
Critical
Details
| Third-party Component | CVEs | More Information |
| VMware ESXi 7.0.3 and vCenter Server 7.0.3 | CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228, CVE-2025-41241 | VMSA-2025-0010 , VMSA-2025-0014 |
| vCenter Server 7.0.3 | CVE-2024-42154,CVE-2024-42224,CVE-2024-38428, CVE-2023-46589, CVE-2024-23672,CVE-2024-24549, CVE-2024-0743,CVE-2024-26458,CVE-2024-26461,CVE-2024-26898,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-6345,CVE-2024-9681,CVE-2024-23807, CVE-2024-44987, CVE-2024-44998, CVE-2024-44999, CVE-2024-46673, CVE-2024-46674, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-27282, CVE-2024-2397, CVE-2023-5115 | VMware vCenter Server Photon OS Security Patches |
| Security Update for Dell AMD-based PowerEdge Server Vulnerability | CVE-2024-36347 | DSA-2025-112 |
| Security Update for Dell PowerEdge Server BIOS for Tianocore EDK2 Vulnerability | CVE-2024-38796 | DSA-2025-038 |
| Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities | CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-24852, CVE-2024-36274 | DSA-2025-042 |
| Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities | CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 | DSA-2025-085 |
| Security Update for Dell PowerEdge Server for Intel 2025 Security Advisories (2025.1 IPU) | CVE-2024-28956, CVE-2024-39279, CVE-2024-28047 | DSA-2025-041 |
| Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.4 IPU) | CVE-2024-31068 | DSA-2024-381 |
| SQLite | CVE-2023-7104 | https://nvd.nist.gov/vuln/search |
| Python | CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 | https://nvd.nist.gov/vuln/search |
| CPython | CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2024-2511 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2024-37891 | https://nvd.nist.gov/vuln/search |
| Python-Requests | CVE-2023-32681 | https://nvd.nist.gov/vuln/search |
| XZ Utils | CVE-2024-47611, CVE-2020-22916 | https://nvd.nist.gov/vuln/search |
| Security Update for Dell iDRAC9 and iDRAC10 Vulnerabilities | CVE-2025-22397, CVE-2026-26945 | DSA-2025-376 , DSA-2026-113 |
| SUSE Updates | CVE-2025-31650, CVE-2025-31651, CVE-2023-40403, CVE-2024-55549, CVE-2025-24855, CVE-2022-49080, CVE-2024-35949, CVE-2024-50128, CVE-2024-53135, CVE-2024-57948, CVE-2025-21690, CVE-2025-21692, CVE-2025-21699, CVE-2025-27363, CVE-2025-27219, CVE-2025-27220, CVE-2024-47220, CVE-2025-1795, CVE-2025-22868, CVE-2025-22869, CVE-2024-8176, CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053, CVE-2025-32907, CVE-2025-32914, CVE-2025-46420, CVE-2025-46421, CVE-2025-24813, CVE-2024-56337, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698, CVE-2022-49053, CVE-2022-49465, CVE-2022-49739, CVE-2023-52935, CVE-2024-53064, CVE-2024-56651, CVE-2024-58083, CVE-2025-21693, CVE-2025-21714, CVE-2025-21732, CVE-2025-21753, CVE-2025-21772, CVE-2025-32051, CVE-2025-32906, CVE-2025-32909, CVE-2025-32910, CVE-2025-32912, CVE-2025-32913, CVE-2025-32433, CVE-2025-31344 | www.suse.com |
Betroffene Produkte und Korrektur
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
Workarounds und Korrekturmaßnahmen
| CVE ID | Workaround and Mitigation |
| CVE-2023-48795 | https://www.dell.com/support/kbdoc/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance |
| CVE-2025-2884 | https://www.dell.com/support/kbdoc/000346621 |
| CVE-2025-41236, CVE-2025-41237, CVE-2025-41238,CVE-2025-41239 | https://www.dell.com/support/kbdoc/000343605 |
Revisionsverlauf
| Revision | Date | Description |
| 1.0 | 2025-05-28 | Initial Release |
| 2.0 | 2025-07-28 | Added mitigation for CVE-2025-2884 |
| 3.0 | 2025-08-12 | Added mitigation for CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 and added CVE-2025-41241 to the advisory. |
| 4.0 | 2025-09-18 | Updated the Mitigation link for CVE-2025-2884 |
| 5.0 | 2025-11-14 | Added CVE-2025-22397 to the remediated table |
| 6.0 | 2026-03-31 | Added CVE-2026-26945 to the remediated table |
Zugehörige Informationen
Rechtlicher Hinweis
Betroffene Produkte
VxRail, VxRail Appliance Series, VxRail E660, VxRail E660NArtikeleigenschaften
Artikelnummer: 000325586
Artikeltyp: Dell Security Advisory
Zuletzt geändert: 31 März 2026
Antworten auf Ihre Fragen erhalten Sie von anderen Dell NutzerInnen
Support Services
Prüfen Sie, ob Ihr Gerät durch Support Services abgedeckt ist.