DSA-2023-027: Dell VxFlex Ready Node Security Update for PowerEdge BIOS, iDRAC, amd VMware ESXi Vulnerabilities

Summary: Dell Technologies remediation is available for PowerEdge BIOS, iDRAC, and VMware ESXi security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Component CVEs More Information
Dell PowerEdge BIOS CVE-2022-21233 Dell article 202341: DSA-2022-219: Dell PowerEdge Server Security Update for Intel August 2022 Security Advisories (2022.2 IPU).
CVE-2022-26074
CVE-2022-33060
CVE-2022-34377
CVE-2022-34376
CVE-2022-34406
CVE-2022-34407
CVE-2022-34408
CVE-2022-34409
CVE-2022-34410
CVE-2022-34411
CVE-2022-34412
CVE-2022-34413
CVE-2022-34414
CVE-2022-34415
CVE-2022-34416
CVE-2022-34417
CVE-2022-34418
CVE-2022-34419
CVE-2022-34420
CVE-2022-34421
CVE-2022-34422
CVE-2022-34423
iDRAC CVE-2022-34435
VMware ESXi CVE-2022-31681 
Embedded OS CVE-2022-42889
Dell 
Component CVEs More Information
Dell PowerEdge BIOS CVE-2022-21233 Dell article 202341: DSA-2022-219: Dell PowerEdge Server Security Update for Intel August 2022 Security Advisories (2022.2 IPU).
CVE-2022-26074
CVE-2022-33060
CVE-2022-34377
CVE-2022-34376
CVE-2022-34406
CVE-2022-34407
CVE-2022-34408
CVE-2022-34409
CVE-2022-34410
CVE-2022-34411
CVE-2022-34412
CVE-2022-34413
CVE-2022-34414
CVE-2022-34415
CVE-2022-34416
CVE-2022-34417
CVE-2022-34418
CVE-2022-34419
CVE-2022-34420
CVE-2022-34421
CVE-2022-34422
CVE-2022-34423
iDRAC CVE-2022-34435
VMware ESXi CVE-2022-31681 
Embedded OS CVE-2022-42889
Dell 
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Updated Versions Links to Update
R650 and R750 Custom Nodes Dell PowerEdge BIOS -15G versions before 1.8.2 1.8.2 Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
R640, R740, and R840 VxFlex Ready Node iDRAC versions before 6.00.30.202 6.00.30.202 Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
R650 and R750 Custom Node iDRAC versions before 6.00.30.202 6.00.30.202 Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
ESXi ESXi versions before 7.0 U3g 7.0 U3g Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
Product Affected Versions Updated Versions Links to Update
R650 and R750 Custom Nodes Dell PowerEdge BIOS -15G versions before 1.8.2 1.8.2 Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
R640, R740, and R840 VxFlex Ready Node iDRAC versions before 6.00.30.202 6.00.30.202 Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
R650 and R750 Custom Node iDRAC versions before 6.00.30.202 6.00.30.202 Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)
ESXi ESXi versions before 7.0 U3g 7.0 U3g Downloads (when upgrading using OpenManage Enterprise)
Documents (when doing manual upgrade)

Revision History

 

 Revision  Date Description
 1.0 2022-01-30  Initial Release 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

VxFlex Ready Nodes, Product Security Information, VxFlex Product Family, VxFlex Ready Node, VxFlex Ready Node R640, VxFlex Ready Node R740xd, VxFlex Ready Node R840
Article Properties
Article Number: 000208007
Article Type: Dell Security Advisory
Last Modified: 07 Feb 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.