Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000198739

DSA-2022-101: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content

Impact

Critical

Details

Third-party Component CVEs More Information
Spring Framework CVE-2022-22963  
CVE-2022-22965
iDRAC9 CVE-2021-3712 See Dell KB article DSA-2021-259 for more information
 
CVE-2021-36347
CVE-2021-36348
CVE-2022-24422 See Dell KB article DSA-2022-068 for more information
VxM SUSE Vulnerabilities CVE-2018-25020  
CVE-2018-25032
CVE-2019-15126
CVE-2020-27820
CVE-2020-28097
CVE-2020-29361
CVE-2021-0920
CVE-2021-0935
CVE-2021-20316
CVE-2021-25220
CVE-2021-28711
CVE-2021-28712
CVE-2021-28713
CVE-2021-28714
CVE-2021-28715
CVE-2021-33098
CVE-2021-3564
CVE-2021-3800
CVE-2021-39648
CVE-2021-39657
CVE-2021-3999
CVE-2021-4002
CVE-2021-4009
CVE-2021-4011
CVE-2021-4083
CVE-2021-4135
CVE-2021-4149
CVE-2021-4156
CVE-2021-4189
CVE-2021-4197
CVE-2021-4202
CVE-2021-43566
CVE-2021-43975
CVE-2021-43976
CVE-2021-44141
CVE-2021-44142
CVE-2021-44733
CVE-2021-4487
CVE-2021-4509
CVE-2021-45417
CVE-2021-45485
CVE-2021-45486
CVE-2021-45960
CVE-2021-46143
CVE-2022-0001
CVE-2022-0002
CVE-2022-0322
CVE-2022-0330
CVE-2022-0336
CVE-2022-0391
CVE-2022-0435
CVE-2022-0487
CVE-2022-0492
CVE-2022-0617
CVE-2022-0644
CVE-2022-0778
CVE-2022-0847
CVE-2022-1097
CVE-2022-21248
CVE-2022-21282
CVE-2022-21283
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21349
CVE-2022-21360
CVE-2022-21365
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-22942
CVE-2022-23181
CVE-2022-23218
CVE-2022-23219
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE-2022-23852
CVE-2022-23990
CVE-2022-2444
CVE-2022-2495
CVE-2022-25236
Intel Solid State Drive (SSD) CVE-2021-0148 See Dell KB article DSA-2022-027
See Intel work around below
Third-party Component CVEs More Information
Spring Framework CVE-2022-22963  
CVE-2022-22965
iDRAC9 CVE-2021-3712 See Dell KB article DSA-2021-259 for more information
 
CVE-2021-36347
CVE-2021-36348
CVE-2022-24422 See Dell KB article DSA-2022-068 for more information
VxM SUSE Vulnerabilities CVE-2018-25020  
CVE-2018-25032
CVE-2019-15126
CVE-2020-27820
CVE-2020-28097
CVE-2020-29361
CVE-2021-0920
CVE-2021-0935
CVE-2021-20316
CVE-2021-25220
CVE-2021-28711
CVE-2021-28712
CVE-2021-28713
CVE-2021-28714
CVE-2021-28715
CVE-2021-33098
CVE-2021-3564
CVE-2021-3800
CVE-2021-39648
CVE-2021-39657
CVE-2021-3999
CVE-2021-4002
CVE-2021-4009
CVE-2021-4011
CVE-2021-4083
CVE-2021-4135
CVE-2021-4149
CVE-2021-4156
CVE-2021-4189
CVE-2021-4197
CVE-2021-4202
CVE-2021-43566
CVE-2021-43975
CVE-2021-43976
CVE-2021-44141
CVE-2021-44142
CVE-2021-44733
CVE-2021-4487
CVE-2021-4509
CVE-2021-45417
CVE-2021-45485
CVE-2021-45486
CVE-2021-45960
CVE-2021-46143
CVE-2022-0001
CVE-2022-0002
CVE-2022-0322
CVE-2022-0330
CVE-2022-0336
CVE-2022-0391
CVE-2022-0435
CVE-2022-0487
CVE-2022-0492
CVE-2022-0617
CVE-2022-0644
CVE-2022-0778
CVE-2022-0847
CVE-2022-1097
CVE-2022-21248
CVE-2022-21282
CVE-2022-21283
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21349
CVE-2022-21360
CVE-2022-21365
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-22942
CVE-2022-23181
CVE-2022-23218
CVE-2022-23219
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE-2022-23852
CVE-2022-23990
CVE-2022-2444
CVE-2022-2495
CVE-2022-25236
Intel Solid State Drive (SSD) CVE-2021-0148 See Dell KB article DSA-2022-027
See Intel work around below
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Version
Dell EMC VxRail 4.7.x versions before 4.7.542 4.7.542
Product Affected Versions Updated Version
Dell EMC VxRail 4.7.x versions before 4.7.542 4.7.542

Workarounds and Mitigations

Product Affected Versions CVE Identifier Updated Versions Workarounds
Dell VxRail 4.7.x versions before 4.7.542 CVE-2021-0148 4.7.542 INTEL-SA-00535

Revision History

RevisionDateDescription
1.02022-04-21Initial Release
1.12022-04-28Added Intel work around
1.22022-05-23Added CVE-2021-4156, CVE-2022-24422

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product
VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series , VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VXRAIL P670F, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670F ...
Last Published Date

23 May 2022

Version

4

Article Type

Dell Security Advisory

Back to Top