Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.

Article Number: 000201003


DSA-2022-174: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.

Article Content


Impact

Critical

Details

Third-Party Component CVE(s) More Information
Spring Security CVE-2022-22978  
VMware vCenter Server CVE-2022-22982 VMSA-2022-0018
VMware ESXi CVE-2022-21123 See VMware article: VMSA-2022-0016. See workaround and mitigation table below
CVE-2022-21125
CVE-2022-21166
Dell PowerEdge BIOS CVE-2020-12966 See Dell article DSA-2021-255 for more details
 AMD CVE-2021-26373 See Dell article DSA-2022-126 for more details
CVE-2021-26347
CVE-2021-26376
CVE-2021-26375
CVE-2021-26378
CVE-2021-26372
CVE-2021-26348
CVE-2021-26342
CVE-2021-26388
CVE-2021-26349
CVE-2021-26364
CVE-2021-26312
CVE-2021-26350
CVE-2021-26339
EDK2 CVE-2019-14584 See Dell article DSA-2022-088 for more details
CVE-2021-28210
CVE-2021-28211
Intel CVE-2021-0060 See Intel article Intel-SA-00470 for more details
CVE-2021-0147
CVE-2021-0127 See Intel article Intel-SA-00532 for more details
CVE-2021-0092 Seen Intel article Intel-SA-00527 for more details
CVE-2021-0093
CVE-2021-0099
CVE-2021-0107
CVE-2021-0111
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0119
CVE-2021-0124
CVE-2021-0125
iDRAC8 CVE-2022-0778 See Dell article DSA-2022-154 for more details
CVE-2022-24423 See Dell article DSA-2022-069 for more details
CVE-2021-36346 See Dell article DSA-2021-259 for more details
SUSE CVE-2017-16932  
CVE-2018-25032
CVE-2018-7755
CVE-2019-20811
CVE-2020-25721
CVE-2020-28097
CVE-2020-29361
CVE-2021-0561
CVE-2021-20292
CVE-2021-20316
CVE-2021-20321
CVE-2021-25220
CVE-2021-28153
CVE-2021-3448
CVE-2021-3564
CVE-2021-3800
CVE-2021-38208
CVE-2021-39648
CVE-2021-39657
CVE-2021-39713
CVE-2021-3999
CVE-2021-4083
CVE-2021-4135
CVE-2021-4149
CVE-2021-4189
CVE-2021-4197
CVE-2021-4202
CVE-2021-43389
CVE-2021-43566
CVE-2021-44141
CVE-2021-44142
CVE-2021-44733
CVE-2021-44879
CVE-2021-45095
CVE-2021-45417
CVE-2021-45868
CVE-2022-0001
CVE-2022-0002
CVE-2022-0322
CVE-2022-0330
CVE-2022-0336
CVE-2022-0391
CVE-2022-0435
CVE-2022-0487
CVE-2022-0492
CVE-2022-0617
CVE-2022-0644
CVE-2022-0778
CVE-2022-0812
CVE-2022-0847
CVE-2022-0850
CVE-2022-0934
CVE-2022-1011
CVE-2022-1016
CVE-2022-1048
CVE-2022-1097
CVE-2022-1271
CVE-2022-1280
CVE-2022-1304
CVE-2022-1353
CVE-2022-1419
CVE-2022-1516
CVE-2022-1552
CVE-2022-21248
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21349
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366
CVE-2022-21426
CVE-2022-21434
CVE-2022-21443
CVE-2022-21476
CVE-2022-21496
CVE-2022-22576
CVE-2022-22942
CVE-2022-23036
CVE-2022-23037
CVE-2022-23038
CVE-2022-23039
CVE-2022-23040
CVE-2022-23041
CVE-2022-23042
CVE-2022-23181
CVE-2022-23218
CVE-2022-23219
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE-2022-23308
CVE-2022-23960
CVE-2022-24407
CVE-2022-24448
CVE-2022-24959
CVE-2022-25308
CVE-2022-25309
CVE-2022-25310
CVE-2022-26490
CVE-2022-26966
CVE-2022-27666
CVE-2022-27776
CVE-2022-27781
CVE-2022-27782
CVE-2022-28356
CVE-2022-28388
CVE-2022-28389
CVE-2022-28390
CVE-2022-28748
CVE-2022-29155
CVE-2022-29824



Third-Party Component CVE(s) More Information
Spring Security CVE-2022-22978  
VMware vCenter Server CVE-2022-22982 VMSA-2022-0018
VMware ESXi CVE-2022-21123 See VMware article: VMSA-2022-0016. See workaround and mitigation table below
CVE-2022-21125
CVE-2022-21166
Dell PowerEdge BIOS CVE-2020-12966 See Dell article DSA-2021-255 for more details
 AMD CVE-2021-26373 See Dell article DSA-2022-126 for more details
CVE-2021-26347
CVE-2021-26376
CVE-2021-26375
CVE-2021-26378
CVE-2021-26372
CVE-2021-26348
CVE-2021-26342
CVE-2021-26388
CVE-2021-26349
CVE-2021-26364
CVE-2021-26312
CVE-2021-26350
CVE-2021-26339
EDK2 CVE-2019-14584 See Dell article DSA-2022-088 for more details
CVE-2021-28210
CVE-2021-28211
Intel CVE-2021-0060 See Intel article Intel-SA-00470 for more details
CVE-2021-0147
CVE-2021-0127 See Intel article Intel-SA-00532 for more details
CVE-2021-0092 Seen Intel article Intel-SA-00527 for more details
CVE-2021-0093
CVE-2021-0099
CVE-2021-0107
CVE-2021-0111
CVE-2021-0114
CVE-2021-0115
CVE-2021-0116
CVE-2021-0117
CVE-2021-0118
CVE-2021-0119
CVE-2021-0124
CVE-2021-0125
iDRAC8 CVE-2022-0778 See Dell article DSA-2022-154 for more details
CVE-2022-24423 See Dell article DSA-2022-069 for more details
CVE-2021-36346 See Dell article DSA-2021-259 for more details
SUSE CVE-2017-16932  
CVE-2018-25032
CVE-2018-7755
CVE-2019-20811
CVE-2020-25721
CVE-2020-28097
CVE-2020-29361
CVE-2021-0561
CVE-2021-20292
CVE-2021-20316
CVE-2021-20321
CVE-2021-25220
CVE-2021-28153
CVE-2021-3448
CVE-2021-3564
CVE-2021-3800
CVE-2021-38208
CVE-2021-39648
CVE-2021-39657
CVE-2021-39713
CVE-2021-3999
CVE-2021-4083
CVE-2021-4135
CVE-2021-4149
CVE-2021-4189
CVE-2021-4197
CVE-2021-4202
CVE-2021-43389
CVE-2021-43566
CVE-2021-44141
CVE-2021-44142
CVE-2021-44733
CVE-2021-44879
CVE-2021-45095
CVE-2021-45417
CVE-2021-45868
CVE-2022-0001
CVE-2022-0002
CVE-2022-0322
CVE-2022-0330
CVE-2022-0336
CVE-2022-0391
CVE-2022-0435
CVE-2022-0487
CVE-2022-0492
CVE-2022-0617
CVE-2022-0644
CVE-2022-0778
CVE-2022-0812
CVE-2022-0847
CVE-2022-0850
CVE-2022-0934
CVE-2022-1011
CVE-2022-1016
CVE-2022-1048
CVE-2022-1097
CVE-2022-1271
CVE-2022-1280
CVE-2022-1304
CVE-2022-1353
CVE-2022-1419
CVE-2022-1516
CVE-2022-1552
CVE-2022-21248
CVE-2022-21277
CVE-2022-21282
CVE-2022-21283
CVE-2022-21291
CVE-2022-21293
CVE-2022-21294
CVE-2022-21296
CVE-2022-21299
CVE-2022-21305
CVE-2022-21340
CVE-2022-21341
CVE-2022-21349
CVE-2022-21360
CVE-2022-21365
CVE-2022-21366
CVE-2022-21426
CVE-2022-21434
CVE-2022-21443
CVE-2022-21476
CVE-2022-21496
CVE-2022-22576
CVE-2022-22942
CVE-2022-23036
CVE-2022-23037
CVE-2022-23038
CVE-2022-23039
CVE-2022-23040
CVE-2022-23041
CVE-2022-23042
CVE-2022-23181
CVE-2022-23218
CVE-2022-23219
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE-2022-23308
CVE-2022-23960
CVE-2022-24407
CVE-2022-24448
CVE-2022-24959
CVE-2022-25308
CVE-2022-25309
CVE-2022-25310
CVE-2022-26490
CVE-2022-26966
CVE-2022-27666
CVE-2022-27776
CVE-2022-27781
CVE-2022-27782
CVE-2022-28356
CVE-2022-28388
CVE-2022-28389
CVE-2022-28390
CVE-2022-28748
CVE-2022-29155
CVE-2022-29824



Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Affected Versions Updated Versions
Dell EMC VxRail Appliance 4.7.x versions before 4.7.550 4.7.550
Product Affected Versions Updated Versions
Dell EMC VxRail Appliance 4.7.x versions before 4.7.550 4.7.550

Workarounds and Mitigations

VMware ESXi CVE-2022-21123 See VMware article VMSA-2022-0016.
See VMware article KB 88632 for mitigation instructions. 
CVE-2022-21125
CVE-2022-21166

Revision History

RevisionDateDescription
1.02022-06-28Initial Release
1.12022-07-12Added CVE-2021-36346
1.22022-07-14Added CVE-2022-22982

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide


Article Properties


Affected Product

VxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance SeriesVxRail, CloudArray Virtual Edition for VxRail Appliance, Product Security Information, VMWare Cloud on Dell EMC VxRail E560F, VMWare Cloud on Dell EMC VxRail E560N, VxRail 460 and 470 Nodes, VxRail Appliance Family, VxRail Appliance Series, VxRail G410, VxRail G Series Nodes, VxRail D Series Nodes, VxRail D560, VxRail D560F, VxRail E Series Nodes, VxRail E460, VxRail E560, VxRail E560 VCF, VxRail E560F, VxRail E560F VCF, VxRail E560N, VxRail E560N VCF, VxRail E660, VxRail E660F, VxRail E660N, VxRail E665F, VxRail E665N, VxRail G560, VxRail G560 VCF, VxRail G560F, VxRail G560F VCF, VxRail Gen2 Hardware, VxRail P Series Nodes, VxRail P470, VxRail P570, VxRail P570 VCF, VxRail P570F, VxRail P570F VCF, VxRail P580N, VxRail P580N VCF, VXRAIL P670F, VxRail P670N, VxRail P675F, VxRail P675N, VxRail S Series Nodes, VxRail S470, VxRail S570, VxRail S570 VCF, VxRail S670, VxRail Software, VxRail V Series Nodes, VxRail V470, VxRail V570, VxRail V570 VCF, VxRail V570F, VxRail V570F VCF, VXRAIL V670FSee more

Last Published Date

15 Jul 2022

Version

3

Article Type

Dell Security Advisory