Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
Sign In Create an Account Premier Sign In Partner Program Sign In
Contact Us
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

DSA-2022-147: DELL EMC PowerFlex 15G-Based Custom Node, 14G-Based VxFlex Ready Node, and 13G-Based ScaleIO Ready Node Security Update for iDRAC-Based Vulnerabilities

Summary: Remediation is available for iDRAC security vulnerabilities that may be exploited by malicious users to compromise the affected system.

This article applies to   This article does not apply to 
Check out resources for

Impact

High

Details

Component CVEs More Information
iDRAC CVE-2022-24423 Dell article 198064, DSA-2022-069: Dell iDRAC8 Security Update for a Denial of Service Vulnerability
CVE-2022-0778 Dell article 200644, DSA-2022-154: Dell iDRAC8 and Dell iDRAC9 Security Update for an OpenSSL Vulnerability
Component CVEs More Information
iDRAC CVE-2022-24423 Dell article 198064, DSA-2022-069: Dell iDRAC8 Security Update for a Denial of Service Vulnerability
CVE-2022-0778 Dell article 200644, DSA-2022-154: Dell iDRAC8 and Dell iDRAC9 Security Update for an OpenSSL Vulnerability
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2022-0778 R650 and R750 Custom Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R640, R740, and R840 VxFlex Ready Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R630 and R730xd ScaleIO Ready Node  iDRAC versions before 2.83.83.83 2.83.83.83 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-24423
CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2022-0778 R650 and R750 Custom Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R640, R740, and R840 VxFlex Ready Node iDRAC versions before 5.10.30.00 5.10.30.00 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-0778 R630 and R730xd ScaleIO Ready Node  iDRAC versions before 2.83.83.83 2.83.83.83 Downloads (in case of upgrade using OME)
Documents (in case of manual upgrade)
CVE-2022-24423

Revision History

RevisionDateDescription
1.02022-06-22Initial release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

VxFlex Ready Nodes, PowerFlex custom node, ScaleIO, PowerFlex custom node, PowerFlex custom node R650, PowerFlex custom node R750, Product Security Information, VxFlex Ready Node, VxFlex Ready Node R640, VxFlex Ready Node R740xd, Ready Node Series , VxFlex Ready Node R840 ...