High
Third-party Component | CVE | More information |
Third-party Component | CVE-2022-0778 | https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://www.openssl.org/news/secadv/20220315.txt |
Third-party Component | CVE | More information |
Third-party Component | CVE-2022-0778 | https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://www.openssl.org/news/secadv/20220315.txt |
CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update | |
CVE-2022-0778 | PowerPath Management Appliance | 3.0 3.0 P01 3.1 3.2 3.2 P01 3.2 SP1 |
PPMA 3.3 or later version for each | https://www.dell.com/support/home/product-support/product/powerpath-management-appliance/drivers | |
CVE-2022-0778 | PowerPath Linux | 7.4 |
|
https://dl.dell.com/content/manual49528625-powerpath-for-linux-security-configuration-guide.pdf?language=en-us&ps=true | |
CVE-2022-0778 | PowerPath Windows |
7.0 |
OpenSSL libraries are not shipped with PowerPath Windows packages, hence not impacted, however for the benefit of customers a separate OpenSSL tools package is posted to Dell download site, where customers can download and install. OpenSSL tools package has the latest version 1.1.1n |
https://dl.dell.com/downloads/DL99599_OpenSSL-Configuration-Utility-3.0.zip |
CVEs Addressed | Product | Affected Versions | Updated Versions | Link to Update | |
CVE-2022-0778 | PowerPath Management Appliance | 3.0 3.0 P01 3.1 3.2 3.2 P01 3.2 SP1 |
PPMA 3.3 or later version for each | https://www.dell.com/support/home/product-support/product/powerpath-management-appliance/drivers | |
CVE-2022-0778 | PowerPath Linux | 7.4 |
|
https://dl.dell.com/content/manual49528625-powerpath-for-linux-security-configuration-guide.pdf?language=en-us&ps=true | |
CVE-2022-0778 | PowerPath Windows |
7.0 |
OpenSSL libraries are not shipped with PowerPath Windows packages, hence not impacted, however for the benefit of customers a separate OpenSSL tools package is posted to Dell download site, where customers can download and install. OpenSSL tools package has the latest version 1.1.1n |
https://dl.dell.com/downloads/DL99599_OpenSSL-Configuration-Utility-3.0.zip |
For PowerPath Management Appliance, see Dell Security KB article 198690: Security Vulnerability (CVE-2022-0778) Detected Against OpenSSL in PowerPath Management Appliance Versions 3.0.x, 3.1, and 3.2.x.
For PowerPath Linux, customer must update the OpenSSL package on the host system. PowerPath Linux Security Configuration Guide (SCG) 2.0 is updated for OpenSSL dependency in host system.
For PowerPath Windows, OpenSSL_Configuration Utility 3.0. OpenSSL libraries are provided to customers through the Dell download site along with an installation script so that customers can install them separately.
Revision | Date | Description |
1.0 | 2022-04-25 | Initial Release |
1.1 | 2022-09-23 | Update to 'Updated versions' and 'Link Update'. |
1.2 | 2022-09-27 | Update to Updated versions' and 'Link Update' and removed impact for 6.4 and 6.5 for PowerPath Windows as they are out of support now. |