DSA-2022-155: Dell SRM and Dell Storage Monitoring and Reporting Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Multiple components within Dell SRM and Dell SMR require a security update to address various vulnerabilities.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component CVEs More information (check for below links for individual scores for each CVE)
SuSE Linux Binaries
*Only for vApp.		 CVE-2017-17095 https://www.suse.com/security/cve/CVE-2017-17095.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2018-25032 https://www.suse.com/security/cve/CVE-2018-25032.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2019-17546 https://www.suse.com/security/cve/CVE-2019-17546.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2020-25721 https://www.suse.com/security/cve/CVE-2020-25721.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-3800 https://www.suse.com/security/cve/CVE-2021-3800.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-4115 https://www.suse.com/security/cve/CVE-2021-4115.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-20316 https://www.suse.com/security/cve/CVE-2021-20316.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22946 https://www.suse.com/security/cve/CVE-2021-22946.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-25220 https://www.suse.com/security/cve/CVE-2021-25220.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-39713 https://www.suse.com/security/cve/CVE-2021-39713.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-44142 https://www.suse.com/security/cve/CVE-2021-44142.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-0336 https://www.suse.com/security/cve/CVE-2022-0336.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-0778 https://www.suse.com/security/cve/CVE-2022-0778.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-1271 https://www.suse.com/security/cve/CVE-2022-1271.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-22844 https://www.suse.com/security/cve/CVE-2022-22844.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-23219 https://www.suse.com/security/cve/CVE-2022-23219.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-24407 https://www.suse.com/security/cve/CVE-2022-24407.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-24448 https://www.suse.com/security/cve/CVE-2022-24448.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-25235 https://www.suse.com/security/cve/CVE-2022-25235.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-25236 https://www.suse.com/security/cve/CVE-2022-25236.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-25315 https://www.suse.com/security/cve/CVE-2022-25315.html This hyperlink is taking you to a website outside of Dell Technologies.
Java CVE-2022-21271 https://nvd.nist.gov/vuln/detail/CVE-2022-21271 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21277 https://nvd.nist.gov/vuln/detail/CVE-2022-21277 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21282 https://nvd.nist.gov/vuln/detail/CVE-2022-21282 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21291 https://nvd.nist.gov/vuln/detail/CVE-2022-21291 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21293 https://nvd.nist.gov/vuln/detail/CVE-2022-21293 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21294 https://nvd.nist.gov/vuln/detail/CVE-2022-21294 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21296 https://nvd.nist.gov/vuln/detail/CVE-2022-21296 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21299 https://nvd.nist.gov/vuln/detail/CVE-2022-21299 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21305 https://nvd.nist.gov/vuln/detail/CVE-2022-21305 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21340 https://nvd.nist.gov/vuln/detail/CVE-2022-21340 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21341 https://nvd.nist.gov/vuln/detail/CVE-2022-21341 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21349 https://nvd.nist.gov/vuln/detail/CVE-2022-21349 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21360 https://nvd.nist.gov/vuln/detail/CVE-2022-21360 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21365 https://nvd.nist.gov/vuln/detail/CVE-2022-21365 This hyperlink is taking you to a website outside of Dell Technologies.
MySQL CVE-2022-21270 https://nvd.nist.gov/vuln/detail/CVE-2022-21270 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21303 https://nvd.nist.gov/vuln/detail/CVE-2022-21303 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21304 https://nvd.nist.gov/vuln/detail/CVE-2022-21304 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21344 https://nvd.nist.gov/vuln/detail/CVE-2022-21344 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21367 https://nvd.nist.gov/vuln/detail/CVE-2022-21367 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22946 https://nvd.nist.gov/vuln/detail/CVE-2021-22946 This hyperlink is taking you to a website outside of Dell Technologies.
Tomcat CVE-2022-23181 https://nvd.nist.gov/vuln/detail/CVE-2022-23181 This hyperlink is taking you to a website outside of Dell Technologies.
Struts2 CVE-2021-31805 https://nvd.nist.gov/vuln/detail/CVE-2021-31805 This hyperlink is taking you to a website outside of Dell Technologies.
Dom4j CVE-2020-10683 https://nvd.nist.gov/vuln/detail/CVE-2020-10683 This hyperlink is taking you to a website outside of Dell Technologies.
Logback CVE-2017-5929 https://nvd.nist.gov/vuln/detail/CVE-2017-5929 This hyperlink is taking you to a website outside of Dell Technologies.
Apache Camel CVE-2018-8027 https://nvd.nist.gov/vuln/detail/CVE-2018-8027 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2020-11972 https://nvd.nist.gov/vuln/detail/CVE-2020-11972 This hyperlink is taking you to a website outside of Dell Technologies.
Netty CVE-2019-20445 https://nvd.nist.gov/vuln/detail/CVE-2019-20445 This hyperlink is taking you to a website outside of Dell Technologies.
H2 Database Engine CVE-2021-23463 https://nvd.nist.gov/vuln/detail/CVE-2021-23463 This hyperlink is taking you to a website outside of Dell Technologies.
Spring Framework CVE-2018-1270 https://nvd.nist.gov/vuln/detail/CVE-2018-1270 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2018-1275 https://nvd.nist.gov/vuln/detail/CVE-2018-1275 This hyperlink is taking you to a website outside of Dell Technologies.
Third-party Component CVEs More information (check for below links for individual scores for each CVE)
SuSE Linux Binaries
*Only for vApp.		 CVE-2017-17095 https://www.suse.com/security/cve/CVE-2017-17095.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2018-25032 https://www.suse.com/security/cve/CVE-2018-25032.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2019-17546 https://www.suse.com/security/cve/CVE-2019-17546.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2020-25721 https://www.suse.com/security/cve/CVE-2020-25721.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-3800 https://www.suse.com/security/cve/CVE-2021-3800.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-4115 https://www.suse.com/security/cve/CVE-2021-4115.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-20316 https://www.suse.com/security/cve/CVE-2021-20316.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22946 https://www.suse.com/security/cve/CVE-2021-22946.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-25220 https://www.suse.com/security/cve/CVE-2021-25220.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-39713 https://www.suse.com/security/cve/CVE-2021-39713.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-44142 https://www.suse.com/security/cve/CVE-2021-44142.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-0336 https://www.suse.com/security/cve/CVE-2022-0336.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-0778 https://www.suse.com/security/cve/CVE-2022-0778.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-1271 https://www.suse.com/security/cve/CVE-2022-1271.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-22844 https://www.suse.com/security/cve/CVE-2022-22844.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-23219 https://www.suse.com/security/cve/CVE-2022-23219.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-24407 https://www.suse.com/security/cve/CVE-2022-24407.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-24448 https://www.suse.com/security/cve/CVE-2022-24448.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-25235 https://www.suse.com/security/cve/CVE-2022-25235.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-25236 https://www.suse.com/security/cve/CVE-2022-25236.html This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-25315 https://www.suse.com/security/cve/CVE-2022-25315.html This hyperlink is taking you to a website outside of Dell Technologies.
Java CVE-2022-21271 https://nvd.nist.gov/vuln/detail/CVE-2022-21271 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21277 https://nvd.nist.gov/vuln/detail/CVE-2022-21277 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21282 https://nvd.nist.gov/vuln/detail/CVE-2022-21282 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21291 https://nvd.nist.gov/vuln/detail/CVE-2022-21291 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21293 https://nvd.nist.gov/vuln/detail/CVE-2022-21293 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21294 https://nvd.nist.gov/vuln/detail/CVE-2022-21294 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21296 https://nvd.nist.gov/vuln/detail/CVE-2022-21296 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21299 https://nvd.nist.gov/vuln/detail/CVE-2022-21299 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21305 https://nvd.nist.gov/vuln/detail/CVE-2022-21305 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21340 https://nvd.nist.gov/vuln/detail/CVE-2022-21340 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21341 https://nvd.nist.gov/vuln/detail/CVE-2022-21341 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21349 https://nvd.nist.gov/vuln/detail/CVE-2022-21349 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21360 https://nvd.nist.gov/vuln/detail/CVE-2022-21360 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21365 https://nvd.nist.gov/vuln/detail/CVE-2022-21365 This hyperlink is taking you to a website outside of Dell Technologies.
MySQL CVE-2022-21270 https://nvd.nist.gov/vuln/detail/CVE-2022-21270 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21303 https://nvd.nist.gov/vuln/detail/CVE-2022-21303 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21304 https://nvd.nist.gov/vuln/detail/CVE-2022-21304 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21344 https://nvd.nist.gov/vuln/detail/CVE-2022-21344 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2022-21367 https://nvd.nist.gov/vuln/detail/CVE-2022-21367 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2021-22946 https://nvd.nist.gov/vuln/detail/CVE-2021-22946 This hyperlink is taking you to a website outside of Dell Technologies.
Tomcat CVE-2022-23181 https://nvd.nist.gov/vuln/detail/CVE-2022-23181 This hyperlink is taking you to a website outside of Dell Technologies.
Struts2 CVE-2021-31805 https://nvd.nist.gov/vuln/detail/CVE-2021-31805 This hyperlink is taking you to a website outside of Dell Technologies.
Dom4j CVE-2020-10683 https://nvd.nist.gov/vuln/detail/CVE-2020-10683 This hyperlink is taking you to a website outside of Dell Technologies.
Logback CVE-2017-5929 https://nvd.nist.gov/vuln/detail/CVE-2017-5929 This hyperlink is taking you to a website outside of Dell Technologies.
Apache Camel CVE-2018-8027 https://nvd.nist.gov/vuln/detail/CVE-2018-8027 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2020-11972 https://nvd.nist.gov/vuln/detail/CVE-2020-11972 This hyperlink is taking you to a website outside of Dell Technologies.
Netty CVE-2019-20445 https://nvd.nist.gov/vuln/detail/CVE-2019-20445 This hyperlink is taking you to a website outside of Dell Technologies.
H2 Database Engine CVE-2021-23463 https://nvd.nist.gov/vuln/detail/CVE-2021-23463 This hyperlink is taking you to a website outside of Dell Technologies.
Spring Framework CVE-2018-1270 https://nvd.nist.gov/vuln/detail/CVE-2018-1270 This hyperlink is taking you to a website outside of Dell Technologies.
CVE-2018-1275 https://nvd.nist.gov/vuln/detail/CVE-2018-1275 This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions Link to Update  
Dell SRM Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/34247_SRM  
 
Dell SRM vApp Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/34247_SRM  
Dell SMR Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/40532_SMR  
Dell SMR vApp Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/40532_SMR  
 
Product Affected Versions Updated Versions Link to Update  
Dell SRM Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/34247_SRM  
 
Dell SRM vApp Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/34247_SRM  
Dell SMR Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/40532_SMR  
Dell SMR vApp Versions before 4.7.1.0 4.7.1.0 https://support.emc.com/downloads/40532_SMR  
 

Revision History

RevisionDateDescription
1.02022-06-28DSA for Dell SRM/SMR

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

EMC Storage Monitoring and Reporting, Product Security Information, SRM

Products

Storage Monitoring and Reporting
Article Properties
Article Number: 000200893
Article Type: Dell Security Advisory
Last Modified: 21 Jun 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.