Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000195888

DSA-2022-022: 여러 타사 구성 요소 취약성에 대한 Dell EMC VxRail 보안 업데이트

Summary: 악의적인 사용자가 영향을 받는 시스템을 손상시키는 데 악용할 수 있는 여러 보안 취약성에 대해 Dell EMC VxRail BIOS 문제 해결을 사용할 수 있습니다.

This article may have been automatically translated. If you have any feedback regarding its quality, please let us know using the form at the bottom of this page.

Article Content

Impact

Critical

Details

타사 구성 요소 CVE 추가 정보
VMware vCenter CVE-2021-44832 Apache Log4j
VMSA-2021-0028
DSN-2021-007
DSA-2021-265
CVE-2021-45105
CVE-2021-44228
CVE-2021-45046
CVE-2021-22048 VMSA-2021-0025/권한 상승 취약성
CVE-2021-40438 Apache HTTPD
VMware ESXi CVE-2021-22045 VMSA-2022-0001/힙 오버플로 취약성
VxM SUSE
취약성		 CVE-2016-10228  
CVE-2018-13139
CVE-2018-14679
CVE-2018-14681
CVE-2018-14682
CVE-2018-19432
CVE-2018-19758
CVE-2019-20838
CVE-2020-12049
CVE-2020-12825
CVE-2020-14155
CVE-2020-23903
CVE-2020-26137
CVE-2020-29361
CVE-2020-3702
CVE-2020-8927
CVE-2021-0941
CVE-2021-20266
CVE-2021-20271
CVE-2021-20294
CVE-2021-20322
CVE-2021-21781
CVE-2021-21996
CVE-2021-22543
CVE-2021-22946
CVE-2021-22947
CVE-2021-23214
CVE-2021-2341
CVE-2021-2369
CVE-2021-2388
CVE-2021-23222
CVE-2021-30465
CVE-2021-31810
CVE-2021-31916
CVE-2021-3246
CVE-2021-32760
CVE-2021-33574
CVE-2021-33910
CVE-2021-3421
CVE-2021-3426
CVE-2021-34556
CVE-2021-34981
CVE-2021-35477
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35567
CVE-2021-35578
CVE-2021-35586
CVE-2021-35603
CVE-2021-3572
CVE-2021-35942
CVE-2021-36222
CVE-2021-3640
CVE-2021-3653
CVE-2021-3656
CVE-2021-3659
CVE-2021-3669
CVE-2021-3677
CVE-2021-3679
CVE-2021-3711
CVE-2021-3712
CVE-2021-37159
CVE-2021-3732
CVE-2021-3733
CVE-2021-3737
CVE-2021-3739
CVE-2021-3743
CVE-2021-3744
CVE-2021-3752
CVE-2021-3753
CVE-2021-37576
CVE-2021-3759
CVE-2021-37600
CVE-2021-3764
CVE-2021-37750
CVE-2021-38160
CVE-2021-38198
CVE-2021-38204
CVE-2021-38205
CVE-2021-38207
CVE-2021-39537
CVE-2021-40490
CVE-2021-4104
CVE-2021-41089
CVE-2021-41091
CVE-2021-41092
CVE-2021-41103
CVE-2021-41990
CVE-2021-41991
CVE-2021-43389
  CVE-2021-43527  
CVE-2021-43618
CVE-2021-43784

참고:  vCenter Server 6.5 업데이트 3r 및 vCenter Server 6.7 업데이트 3p의 일부 OSS 패키지 버전이 vCenter Server 7.0 업데이트 3c의 버전보다 나중이기 때문입니다. VxRail 4.5.470 및 4.7.540에서 7.0.320으로 업그레이드하면 시스템이 다음과 같은 취약성에 노출될 수 있습니다.
  • Apache Tomcat:  CVE-2021-41079 (7.5), CVE-2021-30639 (7.5), CVE-2021-30640 (6.5), CVE-2021-33037 (5.3)
  • Eclipse Jetty:  CVE-2021-34429 (5.0), CVE-2021-34428 (3.6), CVE-2021-28169 (5.0)
  • cURL:  CVE-2021-22897 (5.3), CVE-2021-22926 (7.5), CVE-2021-22925 (5.3), CVE-2021-22924 (3.7),
    CVE-2021-22923 (5.3), CVE-2021-22922 (6.5)
  • OpenSSL 라이브러리:  CVE-2021-3712 (7.4)
  • Oracle (Sun) JRE 및 JDK:  CVE-2021-2388(5.1), CVE-2021-2163(2.6), CVE-2021-2161(4.3)
  • SQLite:  CVE-2021-20227(5.5)
이것은 알려진 VMware vSphere 문제입니다. 영향을 받는 OSS 패키지의 업데이트된 버전은 향후 vCenter Server 7.x 릴리스와 함께 제공됩니다.  자세한 내용은 VMware vCenter Server 7.0 업데이트 3c 릴리스 노트를 참조하십시오.
타사 구성 요소 CVE 추가 정보
VMware vCenter CVE-2021-44832 Apache Log4j
VMSA-2021-0028
DSN-2021-007
DSA-2021-265
CVE-2021-45105
CVE-2021-44228
CVE-2021-45046
CVE-2021-22048 VMSA-2021-0025/권한 상승 취약성
CVE-2021-40438 Apache HTTPD
VMware ESXi CVE-2021-22045 VMSA-2022-0001/힙 오버플로 취약성
VxM SUSE
취약성		 CVE-2016-10228  
CVE-2018-13139
CVE-2018-14679
CVE-2018-14681
CVE-2018-14682
CVE-2018-19432
CVE-2018-19758
CVE-2019-20838
CVE-2020-12049
CVE-2020-12825
CVE-2020-14155
CVE-2020-23903
CVE-2020-26137
CVE-2020-29361
CVE-2020-3702
CVE-2020-8927
CVE-2021-0941
CVE-2021-20266
CVE-2021-20271
CVE-2021-20294
CVE-2021-20322
CVE-2021-21781
CVE-2021-21996
CVE-2021-22543
CVE-2021-22946
CVE-2021-22947
CVE-2021-23214
CVE-2021-2341
CVE-2021-2369
CVE-2021-2388
CVE-2021-23222
CVE-2021-30465
CVE-2021-31810
CVE-2021-31916
CVE-2021-3246
CVE-2021-32760
CVE-2021-33574
CVE-2021-33910
CVE-2021-3421
CVE-2021-3426
CVE-2021-34556
CVE-2021-34981
CVE-2021-35477
CVE-2021-35550
CVE-2021-35556
CVE-2021-35559
CVE-2021-35561
CVE-2021-35564
CVE-2021-35565
CVE-2021-35567
CVE-2021-35578
CVE-2021-35586
CVE-2021-35603
CVE-2021-3572
CVE-2021-35942
CVE-2021-36222
CVE-2021-3640
CVE-2021-3653
CVE-2021-3656
CVE-2021-3659
CVE-2021-3669
CVE-2021-3677
CVE-2021-3679
CVE-2021-3711
CVE-2021-3712
CVE-2021-37159
CVE-2021-3732
CVE-2021-3733
CVE-2021-3737
CVE-2021-3739
CVE-2021-3743
CVE-2021-3744
CVE-2021-3752
CVE-2021-3753
CVE-2021-37576
CVE-2021-3759
CVE-2021-37600
CVE-2021-3764
CVE-2021-37750
CVE-2021-38160
CVE-2021-38198
CVE-2021-38204
CVE-2021-38205
CVE-2021-38207
CVE-2021-39537
CVE-2021-40490
CVE-2021-4104
CVE-2021-41089
CVE-2021-41091
CVE-2021-41092
CVE-2021-41103
CVE-2021-41990
CVE-2021-41991
CVE-2021-43389
  CVE-2021-43527  
CVE-2021-43618
CVE-2021-43784

참고:  vCenter Server 6.5 업데이트 3r 및 vCenter Server 6.7 업데이트 3p의 일부 OSS 패키지 버전이 vCenter Server 7.0 업데이트 3c의 버전보다 나중이기 때문입니다. VxRail 4.5.470 및 4.7.540에서 7.0.320으로 업그레이드하면 시스템이 다음과 같은 취약성에 노출될 수 있습니다.
  • Apache Tomcat:  CVE-2021-41079 (7.5), CVE-2021-30639 (7.5), CVE-2021-30640 (6.5), CVE-2021-33037 (5.3)
  • Eclipse Jetty:  CVE-2021-34429 (5.0), CVE-2021-34428 (3.6), CVE-2021-28169 (5.0)
  • cURL:  CVE-2021-22897 (5.3), CVE-2021-22926 (7.5), CVE-2021-22925 (5.3), CVE-2021-22924 (3.7),
    CVE-2021-22923 (5.3), CVE-2021-22922 (6.5)
  • OpenSSL 라이브러리:  CVE-2021-3712 (7.4)
  • Oracle (Sun) JRE 및 JDK:  CVE-2021-2388(5.1), CVE-2021-2163(2.6), CVE-2021-2161(4.3)
  • SQLite:  CVE-2021-20227(5.5)
이것은 알려진 VMware vSphere 문제입니다. 영향을 받는 OSS 패키지의 업데이트된 버전은 향후 vCenter Server 7.x 릴리스와 함께 제공됩니다.  자세한 내용은 VMware vCenter Server 7.0 업데이트 3c 릴리스 노트를 참조하십시오.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

제품 영향을 받는 버전 업데이트된 버전
Dell EMC VxRail 어플라이언스 7.0.320 이전의 7.0.x 버전 7.0.320

제품 영향을 받는 버전 업데이트된 버전
Dell EMC VxRail 어플라이언스 7.0.320 이전의 7.0.x 버전 7.0.320

Revision History

개정날짜설명
1.02022년 2월 1일최초 릴리스
1.12022년 2월 28일SUSE CVE 추가


 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product
VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series , VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VXRAIL P670F, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670F ...
Last Published Date

22 Nov 2022

Article Type

Dell Security Advisory

Back to Top