Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Dell Financial Services Partner Program Sign In
Contact Us

Your Dell.com Carts

DSA-2024-247: Security Update for Dell VxRail 7.0.520 Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

High

Additional Details

CVE-2022-23829 has been remediated in 7.0.300. Please refer to DSA-2024-149.

Details

Third-party Component CVEs More Information
VMware CVE-2024-22273, CVE-2024-22274, CVE-2024-22275 VMSA-2024-0011   This hyperlink is taking you to a website outside of Dell Technologies.
VMware  CVE-2024-37085, CVE-2024-37086, CVE-2024-37087 VMSA-2024-0013 This hyperlink is taking you to a website outside of Dell Technologies.  
SU SE CVE-2024-2961,CVE-2024-28757,CVE-2024-28182,CVE-2024-28085,CVE-2024-26600,CVE-2024-26461,CVE-2024-26458,CVE-2024-25743,CVE-2024-25742,CVE-2024-24549,CVE-2024-2398,CVE-2024-23672,CVE-2024-21094,CVE-2024-21085,CVE-2024-21068,CVE-2024-21012,CVE-2024-21011,CVE-2024-2004,CVE-2024-0450,CVE-2023-6597,CVE-2023-6536,CVE-2023-6535,CVE-2023-6356,CVE-2023-5388,CVE-2023-52621,CVE-2023-52605,CVE-2023-52597,CVE-2023-52583,CVE-2023-52582,CVE-2023-52576,CVE-2023-52575,CVE-2023-52574,CVE-2023-52569,CVE-2023-52567,CVE-2023-52566,CVE-2023-52564,CVE-2023-52532,CVE-2023-52529,CVE-2023-52528,CVE-2023-52525,CVE-2023-52524,CVE-2023-52523,CVE-2023-52520,CVE-2023-52519,CVE-2023-52517,CVE-2023-52515,CVE-2023-52513,CVE-2023-52511,CVE-2023-52510,CVE-2023-52509,CVE-2023-52508,CVE-2023-52507,CVE-2023-52504,CVE-2023-52502,CVE-2023-52501,CVE-2023-52497,CVE-2023-52492,CVE-2023-52477,CVE-2023-52474,CVE-2023-52470,CVE-2023-52469,CVE-2023-52454,CVE-2023-52450,CVE-2023-52447,CVE-2023-52425,CVE-2023-40551,CVE-2023-40550,CVE-2023-40549,CVE-2023-40548,CVE-2023-40547,CVE-2023-40546,CVE-2023-35827,CVE-2023-28746,CVE-2022-48630,CVE-2022-48629,CVE-2022-48626,CVE-2022-48624,CVE-2022-4744,CVE-2022-28737,CVE-2022-20154,CVE-2021-47108,CVE-2021-47107,CVE-2021-47105,CVE-2021-47104,CVE-2021-47102,CVE-2021-47101,CVE-2021-47100,CVE-2021-47099,CVE-2021-47098,CVE-2021-47097,CVE-2021-47096,CVE-2021-47095,CVE-2021-47094,CVE-2021-47093,CVE-2021-47091,CVE-2021-47087,CVE-2021-47082,CVE-2021-46936,CVE-2021-46933,CVE-2021-46931,CVE-2021-46930,CVE-2021-46929,CVE-2021-46927,CVE-2021-46926,CVE-2021-46925,CVE-2021-3521 SUSE.com
This hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-39575 update_disk_psu_baseline.sh requires password in plain text 7.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H
CVE-2024-38487 api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions. 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-39575 update_disk_psu_baseline.sh requires password in plain text 7.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H
CVE-2024-38487 api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions. 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Remediated Versions Link
Dell EMC VxRail Appliance 7.0.x versions prior to 7.0.520 7.0.520 Drivers & Downloads

Product Affected Versions Remediated Versions Link
Dell EMC VxRail Appliance 7.0.x versions prior to 7.0.520 7.0.520 Drivers & Downloads

Revision History

RevisionDateDescription
1.02024-6-20Initial Release
2.02024-6-25Added Additional information CVE-2022-23829
3.02024-08-28Added VMSA-2024-0013 and Proprietary code issues

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series , VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VxRail P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670F, VxRail VD-4000R, VxRail VD-4000W, VxRail VD-4000Z, VxRail VD-4510C, VxRail VD-4520C, VxRail VD Series Nodes, VxRail VE-660, VxRail VE-6615, VxRail VP-760, VxRail VP-7625 ...
Article Properties
Article Number: 000226270
Article Type: Dell Security Advisory
Last Modified: 28 Aug 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.