Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000200286


DSA-2022-157: Dell Elastic Cloud Storage (ECS) Security Update for Multiple Third-Party Component Vulnerabilities

Summary: DSA-2022-157: Dell Elastic Cloud Storage (ECS) Security Update for Multiple Third-Party Component Vulnerabilities

Article Content


Impact

Critical

Details

Component CVE IDs Details
aide CVE-2021-45417 See NVD (https://nvd.nist.gov/vuln/search) for individual scores for each CVE
apache2 CVE-2021-44224
CVE-2021-44790
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-23943
bind CVE-2021-25220
cyrus-sasl CVE-2022-24407
expat CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-23852
CVE-2022-23990
CVE-2022-25236
CVE-2022-25313
CVE-2022-25314
CVE-2022-25315
glibc CVE-2021-3999
CVE-2022-23218
CVE-2022-23219
Java CVE-2022-21248
CVE-2022-21271
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21349
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366
CVE-2022-21426
CVE-2022-21434
CVE-2022-21443
CVE-2022-21449
CVE-2022-21476
CVE-2022-21496
libsndfile CVE-2021-4156
net-snm CVE-2020-15862
openssl CVE-2022-0778
python3 CVE-2021-4189
CVE-2022-0391
CVE-2021-3572
tcpdump CVE-2018-16301
tiff CVE-2017-17095
CVE-2019-17546
CVE-2020-19131
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2022-22844
CVE-2022-25235
util-linux CVE-2021-37600
xz CVE-2022-1271
zlib CVE-2018-25032
Component CVE IDs Details
aide CVE-2021-45417 See NVD (https://nvd.nist.gov/vuln/search) for individual scores for each CVE
apache2 CVE-2021-44224
CVE-2021-44790
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-23943
bind CVE-2021-25220
cyrus-sasl CVE-2022-24407
expat CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
CVE-2022-23852
CVE-2022-23990
CVE-2022-25236
CVE-2022-25313
CVE-2022-25314
CVE-2022-25315
glibc CVE-2021-3999
CVE-2022-23218
CVE-2022-23219
Java CVE-2022-21248
CVE-2022-21271
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21349
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366
CVE-2022-21426
CVE-2022-21434
CVE-2022-21443
CVE-2022-21449
CVE-2022-21476
CVE-2022-21496
libsndfile CVE-2021-4156
net-snm CVE-2020-15862
openssl CVE-2022-0778
python3 CVE-2021-4189
CVE-2022-0391
CVE-2021-3572
tcpdump CVE-2018-16301
tiff CVE-2017-17095
CVE-2019-17546
CVE-2020-19131
CVE-2020-35521
CVE-2020-35522
CVE-2020-35523
CVE-2020-35524
CVE-2022-22844
CVE-2022-25235
util-linux CVE-2021-37600
xz CVE-2022-1271
zlib CVE-2018-25032

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Version(s) Updated Version(s) Remediation
Dell EMC Elastic Cloud Storage ECS version prior to 3.7.0.2   ECS 3.7.0.2 Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request.
Product Affected Version(s) Updated Version(s) Remediation
Dell EMC Elastic Cloud Storage ECS version prior to 3.7.0.2   ECS 3.7.0.2 Dell recommends all customers have their ECS systems upgraded at the earliest opportunity by opening an “Operating Environment Upgrade” Service Request.

Workarounds and Mitigations

None.

Revision History

RevisionDateDescription
1.02022-06-02Initial Release

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

ECS, ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900ECS, ECS Appliance Hardware Gen3 EX5000, ECS Appliance, ECS Appliance Gen 2, ECS Appliance Gen 3, ECS Appliance Hardware Gen3 EX300, ECS Appliance Hardware Gen3 EX3000, ECS Appliance Hardware Gen3 EX500, ECS Appliance Hardware Gen3 EXF900, ECS Appliance Hardware Series, ECS Appliance Software with Encryption, ECS Appliance Software without Encryption, ECS SD, Product Security InformationSee more

Last Published Date

03 Jun 2022

Version

2

Article Type

Dell Security Advisory