Article Number: 000214659
Critical
Third-Party Component | CVEs | More information |
Dell PowerEdge 14G Server BIOS - Out of Bounds Write Vulnerability | CVE-2023-25537 | For more information, see Dell article 213550, DSA-2023-098: Security Update for Dell PowerEdge 14G Server BIOS for an Out of Bounds Write Vulnerability |
Dell PowerEdge Server - OpenSSL | CVE-2023-0215, CVE-2023-0286, CVE-2022-4304, CVE-2022-4450 | For more information, see Dell article 214129, DSA-2023-134: Security Update for Dell PowerEdge Server for Multiple OpenSSL Vulnerabilities |
Dell PowerEdge Server - Tianocore EDK2 | CVE-2021-38578 | For more information, see see Dell article 214125, DSA-2023-097: Security Update for Dell PowerEdge Server for Tianocore EDK2 Vulnerability |
Dell PowerEdge Server - Intel Xeon | CVE-2022-33894, CVE-2022-38087 | For more information, see see Dell article 213216, DSA-2023-096: Security Update for Dell PowerEdge Server for Intel May 2023 Security Advisories (2023.2 IPU) |
Dell PowerEdge Server - Intel Ethernet Controllers and Adapters | CVE-2023-22276, CVE-2023-25775 | DSA-2023-208 |
Intel E810 Series Firmware | CVE-2023-28376 | DSA-2023-378 |
Dell iDRAC9 Heimdall | CVE-2022-44640 | For more information, DSA-2022-162 |
Cilium | CVE-2022-29179 | For more information, NVD website |
Python Celery | CVE-2021-23727 | For more information, NVD website |
VMware ESXi |
CVE-2023-1017, CVE-2023-1018 | VMware’s release notes |
CVE-2020-28196 | VMware’s release notes | |
SUSE | CVE-2023-30630, CVE-2023-29469, CVE-2023-28708, CVE-2023-28642, CVE-2023-28487, CVE-2023-28486, CVE-2023-28484, CVE-2023-28466, CVE-2023-28464, CVE-2023-28328, CVE-2023-28327, CVE-2023-27561, CVE-2023-27538, CVE-2023-27536, CVE-2023-27535, CVE-2023-27534, CVE-2023-27533, CVE-2023-27320, CVE-2023-26545, CVE-2023-25809, CVE-2023-25193, CVE-2023-25173, CVE-2023-25153, CVE-2023-25012, CVE-2023-24998, CVE-2023-24329, CVE-2023-23931, CVE-2023-23559, CVE-2023-23004, CVE-2023-23001, CVE-2023-23000, CVE-2023-22998, CVE-2023-22995, CVE-2023-21843, CVE-2023-21835, CVE-2023-1981, CVE-2023-1838, CVE-2023-1652, CVE-2023-1637, CVE-2023-1611, CVE-2023-1582, CVE-2023-1513, CVE-2023-1281, CVE-2023-1175, CVE-2023-1170, CVE-2023-1127, CVE-2023-1118, CVE-2023-1095, CVE-2023-1078, CVE-2023-1076, CVE-2023-1075, CVE-2023-0687, CVE-2023-0597, CVE-2023-0512, CVE-2023-0466, CVE-2023-0465, CVE-2023-0464, CVE-2023-0461, CVE-2023-0394, CVE-2023-0361, CVE-2023-0045, CVE-2022-4899, CVE-2022-48303, CVE-2022-4744, CVE-2022-45143, CVE-2022-45061, CVE-2022-41862, CVE-2022-38096, CVE-2022-36280, CVE-2022-36109, CVE-2022-3555, CVE-2022-3523, CVE-2022-28737, CVE-2022-23471, CVE-2021-30560, CVE-2021-30465, CVE-2019-19921, CVE-2017-5753 | For more information, SUSE website |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2023-32463 | Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. | 3.4 | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L |
Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
CVE-2023-32463 | Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. | 3.4 | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Dell VxRail Appliance | Versions prior to 8.0.100 | 8.0.100 | VxRail 8.0.100 Package Software |
Product | Affected Versions | Remediated Versions | Link |
---|---|---|---|
Dell VxRail Appliance | Versions prior to 8.0.100 | 8.0.100 | VxRail 8.0.100 Package Software |
Revision | Date | Description |
1.0 | 2023-06-13 | Initial Release |
2.0 | 2023-07-13 | Amended for iDRAC9 vulnerability |
3.0 | 2023-09-22 | Amended for PowerEdge Intel vulnerabilities |
4.0 | 2023-10-12 | Amended for Celery vulnerability |
5.0 | 2023-11-21 | Amended for Intel firmware vulnerability |
21 Nov 2023
10
Dell Security Advisory