Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000200861


DSA-2022-147: DELL EMC PowerFlex 15G-Based Custom Node, 14G-Based VxFlex Ready Node, and 13G-Based ScaleIO Ready Node Security Update for iDRAC-Based Vulnerabilities

Summary: Remediation is available for iDRAC security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

High

Details

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2022-0778 R650 and R750 Custom Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R640, R740, and R840 VxFlex Ready Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R630 and R730xd ScaleIO Ready Node  iDRAC versions before 2.83.83.83 2.83.83.83 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-24423
CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2022-0778 R650 and R750 Custom Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R640, R740, and R840 VxFlex Ready Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R630 and R730xd ScaleIO Ready Node  iDRAC versions before 2.83.83.83 2.83.83.83 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-24423
Revision History

RevisionDateDescription
1.02022-06-22Initial release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

VxFlex Ready Nodes, PowerFlex custom node, ScaleIO, PowerFlex custom node, PowerFlex custom node R650, PowerFlex custom node R750, Product Security Information, VxFlex Ready Node, VxFlex Ready Node R640, VxFlex Ready Node R740xd, Ready Node SeriesVxFlex Ready Nodes, PowerFlex custom node, ScaleIO, PowerFlex custom node, PowerFlex custom node R650, PowerFlex custom node R750, Product Security Information, VxFlex Ready Node, VxFlex Ready Node R640, VxFlex Ready Node R740xd, Ready Node Series, VxFlex Ready Node R840See more

Last Published Date

22 Jun 2022

Version

1

Article Type

Dell Security Advisory