Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Some article numbers may have changed. If this isn't what you're looking for, try searching all articles. Search articles

Article Number: 000200100


DSA-2022-137: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details

Third-party Component CVEs More Information
Spring CVE-2022-22963 Not impacted by CVE-2022-22965
iDRAC CVE-2022-24422 See Dell article 199267, DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability for more details
CVE-2021-3712 See Dell article 194038, DSA-2021-259: Dell iDRAC Security Update for Multiple Security Vulnerabilities for more details
CVE-2021-36347
CVE-2021-36348
PowerEdge Intel BIOS
(R640, R740, R840, C6420, XR2)
CVE-2019-14584 See Dell article 198065, DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities for more details
CVE-2021-28210
CVE-2021-28211
CVE-2021-0091 See Dell article 196063, DSA-2022-040: Dell Client Security Update for Intel February 2022 Vulnerabilities for more details
CVE-2021-0119
CVE-2021-0147
CVE-2021-0060 See Dell article 196007, DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release for more details
CVE-2021-0092
CVE-2021-0093
CVE-2021-0099
CVE-2021-0103
CVE-2021-0107
CVE-2021-0111
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0124
CVE-2021-0125
CVE-2021-0127
Third-party Component CVEs More Information
Spring CVE-2022-22963 Not impacted by CVE-2022-22965
iDRAC CVE-2022-24422 See Dell article 199267, DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability for more details
CVE-2021-3712 See Dell article 194038, DSA-2021-259: Dell iDRAC Security Update for Multiple Security Vulnerabilities for more details
CVE-2021-36347
CVE-2021-36348
PowerEdge Intel BIOS
(R640, R740, R840, C6420, XR2)
CVE-2019-14584 See Dell article 198065, DSA-2022-088: Dell PowerEdge Server BIOS Security Update for Multiple Tianocore EDK2 Vulnerabilities for more details
CVE-2021-28210
CVE-2021-28211
CVE-2021-0091 See Dell article 196063, DSA-2022-040: Dell Client Security Update for Intel February 2022 Vulnerabilities for more details
CVE-2021-0119
CVE-2021-0147
CVE-2021-0060 See Dell article 196007, DSA-2022-036: PowerEdge Server Security Update for Intel February 2022 Security Advisory Release for more details
CVE-2021-0092
CVE-2021-0093
CVE-2021-0099
CVE-2021-0103
CVE-2021-0107
CVE-2021-0111
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0124
CVE-2021-0125
CVE-2021-0127
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions
Dell VxRail 4.5.x versions before 4.5.480 4.5.480

Product Affected Versions Updated Versions
Dell VxRail 4.5.x versions before 4.5.480 4.5.480

Revision History

RevisionDateDescription
1.02022-05-26Initial Release
1.12022-06-01Removed CVE-2022-24423

Related Information


Article Properties


Affected Product
VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series , VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560F, VxRail E560N, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560F, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570F, VxRail P580N, VXRAIL P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570F, VXRAIL V670F ...
Last Published Date

27 Jun 2023

Article Type

Dell Security Advisory