DSA-2023-129: Dell PowerStore Family Security Update for Multiple Vulnerabilities

Table of Contents

Detailed Article

Impact

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Info

Legal Disclaimer

Affected Products

Provide Feedback

Summary: Dell PowerStore Family remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Check out other resources

Impact

Critical

Details

Third-party Component	CVEs	More Information
containerd	CVE-2022-31030, CVE-2022-29162	https://nvd.nist.gov/vuln/detail/CVE-2022-31030, https://nvd.nist.gov/vuln/detail/CVE-2022-29162
docker	CVE-2022-27191, CVE-2022-29162, CVE-2022-31030, CVE-2022-24769, CVE-2021-43565, CVE-2022-23648	https://nvd.nist.gov/vuln/detail/CVE-2022-27191, https://nvd.nist.gov/vuln/detail/CVE-2022-29162, https://nvd.nist.gov/vuln/detail/CVE-2022-31030, https://nvd.nist.gov/vuln/detail/CVE-2022-24769, https://nvd.nist.gov/vuln/detail/CVE-2021-43565, https://nvd.nist.gov/vuln/detail/CVE-2022-23648
jackson-databind	CVE-2022-42004, CVE-2022-42003	https://nvd.nist.gov/vuln/detail/CVE-2022-42004, https://nvd.nist.gov/vuln/detail/CVE-2022-42003
kernel	CVE-2020-16119, CVE-2022-20008, CVE-2022-2503, CVE-2022-2586, CVE-2022-32296, CVE-2022-3239, CVE-2022-3303, CVE-2022-41218, CVE-2022-41222, CVE-2022-41674, CVE-2022-41848, CVE-2022-41849, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721	https://lists.suse.com/pipermail/sle-security-updates/2022-October/012636.html
Libctf0	CVE-2021-20294, CVE-2021-20284, CVE-2021-20197, CVE-2020-16590, CVE-2020-16591, CVE-2020-16592, CVE-2020-16593, CVE-2020-16599, CVE-2021-3487, CVE-2020-35448, CVE-2020-35493, CVE-2020-35496, CVE-2020-35507	https://nvd.nist.gov/vuln/detail/CVE-2021-20294, https://nvd.nist.gov/vuln/detail/CVE-2021-20284, https://nvd.nist.gov/vuln/detail/CVE-2021-20197, https://nvd.nist.gov/vuln/detail/CVE-2020-16590, https://nvd.nist.gov/vuln/detail/CVE-2020-16591, https://nvd.nist.gov/vuln/detail/CVE-2020-16592, https://nvd.nist.gov/vuln/detail/CVE-2020-16593, https://nvd.nist.gov/vuln/detail/CVE-2020-16599, https://nvd.nist.gov/vuln/detail/CVE-2021-3487, https://nvd.nist.gov/vuln/detail/CVE-2020-35448, https://nvd.nist.gov/vuln/detail/CVE-2020-35493, https://nvd.nist.gov/vuln/detail/CVE-2020-35496, https://nvd.nist.gov/vuln/detail/CVE-2020-35507
libpcre1	CVE-2022-1586	https://nvd.nist.gov/vuln/detail/CVE-2022-1586
libpcre2-8-0	CVE-2022-1587, CVE-2019-20454	https://nvd.nist.gov/vuln/detail/CVE-2022-1587, https://nvd.nist.gov/vuln/detail/CVE-2019-20454
nss nspr	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
libfreebl3	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
libfreebl3-hmac	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
libsoftokn3	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
libsoftokn3-hmac	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
mozilla-nss	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
mozilla-nss-certs	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
mozilla-nss-tools	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
mozilla-nspr	CVE-2022-31741	https://nvd.nist.gov/vuln/detail/CVE-2022-31741
paramiko	CVE-2022-24302	https://nvd.nist.gov/vuln/detail/CVE-2022-24302
plexus-utils	CVE-2017-1000487	https://nvd.nist.gov/vuln/detail/CVE-2017-1000487
postgres	CVE-2022-2625	https://nvd.nist.gov/vuln/detail/CVE-2022-2625
protobuf-java	CVE-2022-3171	https://nvd.nist.gov/vuln/detail/CVE-2022-3171
python	CVE-2022-0391, CVE-2021-3733, CVE-2021-23336, CVE-2019-20907, CVE-2015-20107	https://nvd.nist.gov/vuln/detail/CVE-2022-0391, https://nvd.nist.gov/vuln/detail/CVE-2021-3733, https://nvd.nist.gov/vuln/detail/CVE-2021-23336, https://nvd.nist.gov/vuln/detail/CVE-2019-20907, https://nvd.nist.gov/vuln/detail/CVE-2015-20107
runc	CVE-2022-31030, CVE-2022-29162	https://nvd.nist.gov/vuln/detail/CVE-2022-31030, https://nvd.nist.gov/vuln/detail/CVE-2022-29162
snakeyaml	CVE-2022-25857, CVE-2022-38752, CVE-2022-38749, CVE-2022-3875, CVE-2022-38750	https://nvd.nist.gov/vuln/detail/CVE-2022-25857, https://nvd.nist.gov/vuln/detail/CVE-2022-38752, https://nvd.nist.gov/vuln/detail/CVE-2022-38749, https://nvd.nist.gov/vuln/detail/CVE-2022-38752, https://nvd.nist.gov/vuln/detail/CVE-2022-38750

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product	Software/Firmware	Affected Versions	Remediated Versions	Link
PowerStore 500T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-500t/drivers
PowerStore 1000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-1000t/drivers
PowerStore 3000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-3000t/drivers
PowerStore 5000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-5000t/drivers
PowerStore 7000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-7000t/drivers
PowerStore 9000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-9000t/drivers
PowerStore 1000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-1000/drivers
PowerStore 3000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-3000/drivers
PowerStore 5000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-5000/drivers
PowerStore 7000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-7000/drivers
PowerStore 9000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-9000/overview

Product	Software/Firmware	Affected Versions	Remediated Versions	Link
PowerStore 500T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-500t/drivers
PowerStore 1000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-1000t/drivers
PowerStore 3000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-3000t/drivers
PowerStore 5000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-5000t/drivers
PowerStore 7000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-7000t/drivers
PowerStore 9000T	PowerStore T OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-9000t/drivers
PowerStore 1000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-1000/drivers
PowerStore 3000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-3000/drivers
PowerStore 5000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-5000/drivers
PowerStore 7000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-7000/drivers
PowerStore 9000X	PowerStore X OS	Versions prior to 3.2.1.0-1989710	Version 3.2.1.0-1989710	https://www.dell.com/support/home/product-support/product/powerstore-9000/overview

Workarounds & Mitigations

None.

Revision History

Revision	Date	Description
1.0	2023-04-04	Initial Release
2.0	2023-04-06	Updated the Affected Products and Remediation Table
3.0	2023-06-26	Updated for enhanced presentation with no change to content.
4.0	2023-12-13	Updated for enhanced presentation with no change to content
5.0	2023-12-13	Updated for enhanced presentation with no change to content

Related Information

Legal Disclaimer

Affected Products

PowerStore 1000X, PowerStore 1000T, PowerStore 3000X, PowerStore 3000T, PowerStore 5000X, PowerStore 5000T, PowerStore 500T, PowerStore 7000X, PowerStore 7000T, PowerStore 9000X, PowerStore 9000T

Article Number: 000212002

Article Type: Dell Security Advisory

Last Modified: 13 Dec 2023

Check if your device is covered by Support Services.

DSA-2023-129: Dell PowerStore Family Security Update for Multiple Vulnerabilities

Summary: Dell PowerStore Family remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impact

Details

Affected Products & Remediation

Workarounds & Mitigations

Revision History

Related Information

Legal Disclaimer

Affected Products

Article Properties

Find answers to your questions from other Dell users

Support Services

Article Properties

Find answers to your questions from other Dell users

Support Services