Article Number: 000215747

DSA-2023-205: Security Update for Dell PowerScale OneFS for Multiple Vulnerabilities

Summary: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Article Content

Impact

High

Details

Third-Party Component	CVEs	CVSS Vector String
Intel BIOS	CVE-2022-26343, CVE-2022-32231, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	Intel-SA-00601, INTEL-SA-00717 See NVD link below for individual scores for each CVE. http://nvd.nist.gov/
iDRAC9	CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347	DSA-2021-177: Dell EMC iDRAC, DSA-2021-133: Dell iDRAC See NVD link below for individual scores for each CVE. http://nvd.nist.gov/

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

CVEs	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2022-26343, CVE-2022-32231	Isilon A200	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	Isilon A2000	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Archive A300	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Archive A3000	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	Isilon H400	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Hybrid H700	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Hybrid H7000	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area

CVEs	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2022-26343, CVE-2022-32231	Isilon A200	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	Isilon A2000	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Archive A300	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Archive A3000	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	Isilon H400	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Hybrid H700	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-26343, CVE-2022-32231	PowerScale Hybrid H7000	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area
CVE-2022-44640, CVE-2022-0778, CVE-2021-20235, CVE-2021-36299, CVE-2021-21581, CVE-2021-21580, CVE-2021-21579, CVE-2021-21578, CVE-2021-21577, CVE-2021-21576, CVE-2021-36301, CVE-2021-36300, CVE-2022-34435, CVE-2021-3712, CVE-2021-36348, CVE-2021-36347, CVE-2021-0154, CVE-2021-0153, CVE-2021-33123, CVE-2021-0190, CVE-2021-33122, CVE-2021-0189, CVE-2021-33124, CVE-2021-33103, CVE-2021-0159, CVE-2021-0188, CVE-2021-0155, CVE-2022-34377, CVE-2022-34376, CVE-2022-34406, CVE-2022-34407, CVE-2022-34408, CVE-2022-34409, CVE-2022-34410, CVE-2022-34411, CVE-2022-34412, CVE-2022-34413, CVE-2022-34414, CVE-2022-34415, CVE-2022-34416, CVE-2022-34417, CVE-2022-34418, CVE-2022-34419, CVE-2022-34420, CVE-2022-34421, CVE-2022-34422, CVE-2022-34423	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 11.7	Version 11.7.1 or later	PowerScale OneFS Downloads Area

Revision History

Revision	Date	Description
1.0	2023-07-12	Initial Release
2.0	2023-07-12	Added relevant information in "Additional Info" section
3.0	2023-08-16	Removed Additional Details. Updated Remediated Versions column

Related Information

Legal Information

Article Properties

Affected Product

Isilon A200, Isilon A2000, Isilon H400, PowerScale OneFS, PowerScale Archive A300, PowerScale Archive A3000, PowerScale B100, PowerScale F200, PowerScale F600, PowerScale F900, PowerScale Hybrid H700, PowerScale Hybrid H7000, PowerScale P100

Last Published Date

16 Aug 2023

Article Type

Dell Security Advisory

Welcome

Welcome to Dell