DSA-2023-026: Dell PowerFlex Appliance Security Update for Multiple Third-Party Component Vulnerabilities
Summary: Dell PowerFlex Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
| Component | CVEs | More information |
| Dell PowerEdge Server BIOS |
CVE-2022-21233 | Dell article 202341: DSA-2022-219: Dell PowerEdge Server Security Update for Intel August 2022 Security Advisories (2022.2 IPU) |
| CVE-2022-26074 | ||
| CVE-2022-33060 | ||
| CVE-2021-26316 | Dell article 207371: DSA-2023-002: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities | |
| CVE-2021-26398 | ||
| CVE-2021-39298 | ||
| CVE-2021-26402 | ||
| CVE-2021-26353 | ||
| CVE-2021-26355 | ||
| CVE-2023-20529 | ||
| CVE-2023-20530 | ||
| CVE-2023-20531 | ||
| CVE-2022-23813 | ||
| CVE-2022-23814 | ||
| CVE-2021-26396 | ||
| CVE-2021-46779 | ||
| CVE-2021-46791 | ||
| CVE-2021-26328 | ||
| CVE-2021-26407 | ||
| CVE-2021-26409 | ||
| CVE-2021-46768 | ||
| CVE-2021-46767 | ||
| CVE-2023-20522 | ||
| CVE-2023-20523 | ||
| CVE-2021-26404 | ||
| CVE-2023-20525 | ||
| CVE-2023-20527 | ||
| CVE-2023-20528 | ||
| CVE-2023-20532 | ||
| CVE-2021-26403 | ||
| CVE-2021-26343 | ||
| CVE-2022-34377 | Dell article 206296: DSA-2022-204: Dell PowerEdge Improper SMM Communication Buffer Verification Vulnerability | |
| CVE-2022-34376 | ||
| CVE-2022-34406 | ||
| CVE-2022-34407 | ||
| CVE-2022-34408 | ||
| CVE-2022-34409 | ||
| CVE-2022-34410 | ||
| CVE-2022-34411 | ||
| CVE-2022-34412 | ||
| CVE-2022-34413 | ||
| CVE-2022-34414 | ||
| CVE-2022-34415 | ||
| CVE-2022-34416 | ||
| CVE-2022-34417 | ||
| CVE-2022-34418 | ||
| CVE-2022-34419 | ||
| CVE-2022-34420 | ||
| CVE-2022-34421 | ||
| CVE-2022-34422 | ||
| CVE-2022-34423 | ||
| ESXi | CVE-2022-21123 | VMware article: VMSA-2022-0016 |
| CVE-2022-21125 | ||
| CVE-2022-21166 | ||
| CVE-2022-31680 | VMware article: VMSA-2022-0025 | |
| CVE-2022-31681 | ||
| vCenter server | CVE-2022-22982 | VMware article: VMSA-2022-0018 |
| PowerFlex Manager | CVE-2021-46827 | |
| CVE-2022-42889 | ||
| Dell iDRAC or Lifecycle Controller Firmware | CVE-2022-34435 | |
| Cisco Switch | CVE-2022-20824 | Cisco-sa-nxos-cdp-dos-ce-wWvPucC9 |
| Embedded OS | CVE-2022-2601 | |
| CVE-2022-3775 |
| Component | CVEs | More information |
| Dell PowerEdge Server BIOS |
CVE-2022-21233 | Dell article 202341: DSA-2022-219: Dell PowerEdge Server Security Update for Intel August 2022 Security Advisories (2022.2 IPU) |
| CVE-2022-26074 | ||
| CVE-2022-33060 | ||
| CVE-2021-26316 | Dell article 207371: DSA-2023-002: Dell PowerEdge Server Security Update for AMD Server Vulnerabilities | |
| CVE-2021-26398 | ||
| CVE-2021-39298 | ||
| CVE-2021-26402 | ||
| CVE-2021-26353 | ||
| CVE-2021-26355 | ||
| CVE-2023-20529 | ||
| CVE-2023-20530 | ||
| CVE-2023-20531 | ||
| CVE-2022-23813 | ||
| CVE-2022-23814 | ||
| CVE-2021-26396 | ||
| CVE-2021-46779 | ||
| CVE-2021-46791 | ||
| CVE-2021-26328 | ||
| CVE-2021-26407 | ||
| CVE-2021-26409 | ||
| CVE-2021-46768 | ||
| CVE-2021-46767 | ||
| CVE-2023-20522 | ||
| CVE-2023-20523 | ||
| CVE-2021-26404 | ||
| CVE-2023-20525 | ||
| CVE-2023-20527 | ||
| CVE-2023-20528 | ||
| CVE-2023-20532 | ||
| CVE-2021-26403 | ||
| CVE-2021-26343 | ||
| CVE-2022-34377 | Dell article 206296: DSA-2022-204: Dell PowerEdge Improper SMM Communication Buffer Verification Vulnerability | |
| CVE-2022-34376 | ||
| CVE-2022-34406 | ||
| CVE-2022-34407 | ||
| CVE-2022-34408 | ||
| CVE-2022-34409 | ||
| CVE-2022-34410 | ||
| CVE-2022-34411 | ||
| CVE-2022-34412 | ||
| CVE-2022-34413 | ||
| CVE-2022-34414 | ||
| CVE-2022-34415 | ||
| CVE-2022-34416 | ||
| CVE-2022-34417 | ||
| CVE-2022-34418 | ||
| CVE-2022-34419 | ||
| CVE-2022-34420 | ||
| CVE-2022-34421 | ||
| CVE-2022-34422 | ||
| CVE-2022-34423 | ||
| ESXi | CVE-2022-21123 | VMware article: VMSA-2022-0016 |
| CVE-2022-21125 | ||
| CVE-2022-21166 | ||
| CVE-2022-31680 | VMware article: VMSA-2022-0025 | |
| CVE-2022-31681 | ||
| vCenter server | CVE-2022-22982 | VMware article: VMSA-2022-0018 |
| PowerFlex Manager | CVE-2021-46827 | |
| CVE-2022-42889 | ||
| Dell iDRAC or Lifecycle Controller Firmware | CVE-2022-34435 | |
| Cisco Switch | CVE-2022-20824 | Cisco-sa-nxos-cdp-dos-ce-wWvPucC9 |
| Embedded OS | CVE-2022-2601 | |
| CVE-2022-3775 |
Affected Products & Remediation
| Product | Affected Versions | Updated Versions |
| PowerFlex Appliance | Versions before Intelligent_Catalog_38_363_01_r8 | Intelligent_Catalog_38_363_01_r8 |
| Versions before Intelligent_Catalog_38_357_01_r8 | Intelligent_Catalog_38_357_01_r8 | |
| Versions before Intelligent_Catalog_40.371.00_r30 | Intelligent_Catalog_40.371.00_r30 |
For Intelligent Catalog (IC) bundle downloads:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-appliance-int-ca-sw/drivers
| Product | Affected Versions | Updated Versions |
| PowerFlex Appliance | Versions before Intelligent_Catalog_38_363_01_r8 | Intelligent_Catalog_38_363_01_r8 |
| Versions before Intelligent_Catalog_38_357_01_r8 | Intelligent_Catalog_38_357_01_r8 | |
| Versions before Intelligent_Catalog_40.371.00_r30 | Intelligent_Catalog_40.371.00_r30 |
For Intelligent Catalog (IC) bundle downloads:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-appliance-int-ca-sw/drivers
Revision History
| Revision | Date | Description |
| 1.0 | 2023-01-30 | Initial Release |
Related Information
Legal Disclaimer
Affected Products
PowerFlex Appliance, PowerFlex appliance Intelligent Catalog Software, Product Security InformationArticle Properties
Article Number: 000208055
Article Type: Dell Security Advisory
Last Modified: 30 Jan 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.