Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000200100


DSA-2022-137: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details

Third-party Component CVEs More Information
Spring CVE-2022-22963 Not impacted by CVE-2022-22965
iDRAC CVE-2022-24422 See Dell article DSA-2022-068 for more details.
CVE-2021-3712 See Dell article DSA-2021-259 for more details.
CVE-2021-36347
CVE-2021-36348
PowerEdge Intel BIOS
(R640, R740, R840, C6420, XR2)
CVE-2019-14584 See Dell article DSA-2022-088 for more details.
CVE-2021-28210
CVE-2021-28211
CVE-2021-0091 See Dell article DSA-2022-040 for more details.
CVE-2021-0119
CVE-2021-0147
CVE-2021-0060 See Dell article DSA-2022-036 for more details.
CVE-2021-0092
CVE-2021-0093
CVE-2021-0099
CVE-2021-0103
CVE-2021-0107
CVE-2021-0111
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0124
CVE-2021-0125
CVE-2021-0127
Third-party Component CVEs More Information
Spring CVE-2022-22963 Not impacted by CVE-2022-22965
iDRAC CVE-2022-24422 See Dell article DSA-2022-068 for more details.
CVE-2021-3712 See Dell article DSA-2021-259 for more details.
CVE-2021-36347
CVE-2021-36348
PowerEdge Intel BIOS
(R640, R740, R840, C6420, XR2)
CVE-2019-14584 See Dell article DSA-2022-088 for more details.
CVE-2021-28210
CVE-2021-28211
CVE-2021-0091 See Dell article DSA-2022-040 for more details.
CVE-2021-0119
CVE-2021-0147
CVE-2021-0060 See Dell article DSA-2022-036 for more details.
CVE-2021-0092
CVE-2021-0093
CVE-2021-0099
CVE-2021-0103
CVE-2021-0107
CVE-2021-0111
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0124
CVE-2021-0125
CVE-2021-0127

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions
Dell VxRail 4.5.x versions before 4.5.480 4.5.480

Product Affected Versions Updated Versions
Dell VxRail 4.5.x versions before 4.5.480 4.5.480

Revision History

RevisionDateDescription
1.02022-05-26Initial Release
1.12022-06-01Removed CVE-2022-24423

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance SeriesVxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series, VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560F, VxRail E560N, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560F, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570F, VxRail P580N, VXRAIL P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570F, VXRAIL V670FSee more

Last Published Date

01 Jun 2022

Version

2

Article Type

Dell Security Advisory