DSA-2023-250: Security Update for Dell Connectrix (Brocade) for Multiple Vulnerabilities
Summary: Dell Connectrix (Brocade) remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Impact
High
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| FOS | CVE-2023-31425, CVE-2023-31426, CVE-2023-31427, CVE-2023-31428, CVE-2023-31429, CVE-2023-31430, CVE-2023-31431, CVE-2023-31432, CVE-2023-31926, CVE-2023-31927, CVE-2023-31928 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| OpenSSL | CVE-2022-0778, CVE-2018-0739, CVE-2022-2097, CVE-2022-2068 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| OpenSSH | CVE-2021-41617, CVE-2020-14145 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| util-linux before 2.32-rc1 | CVE-2018-7738 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| follow-redirects | CVE-2022-0155 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| zlib before 1.2.12 | CVE-2018-25032 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| handle_ipDefaultTTL | CVE-2022-44792 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| cgroup1_parse_param in kernel/cgroup/cgroup-v1 | CVE-2021-4145 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Apache HTTP Server 2.4.53 and earlier | CVE-2021-39275, CVE-2019-0220, CVE-2022-28614, CVE-2022-28615 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| glib before version 2.63.6 | CVE-2021-3800 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Linux kernel before 5.6.2 | CVE-2022-24448, CVE-2021-45485, CVE-2021-45486, CVE-2022-0322, CVE-2020-36557, CVE-2020-36558, CVE-2011-4917 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| GNU C Library (aka glibc) before and through 2.34 | CVE-2022-23219, CVE-2013-4788 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| X.509 certificate verification | CVE-2022-3786, CVE-2022-3602 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| rsync before 3.2.5 | CVE-2022-29154 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Net-SNMP through 5.7.3 | CVE-2020-15861 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| RPM before 4.9.1.3 | CVE-2012-0060 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| util.c in GNU readline before 6.3 patch 3 | CVE-2014-2524 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Expat (aka libexpat) before 2.4.5 | CVE-2022-25313, CVE-2022-25236, CVE-2022-25235 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| src/list.c of tar 1.33 and earlier | CVE-2021-20193 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| libcgroup up to and including 0.41 creates file with mode 0666 regardless of the configured umask | CVE-2018-14348 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| libxml2 through 2.9.8 | CVE-2018-14404 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Hardware allows activation of test or debug logic Intel® Processor | CVE-2021-0146 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| WebTools | CVE-2022-28169, CVE-2023-31927, CVE-2023-31928 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Linux kernel before 5.13.3 In the IPv6 implementation | CVE-2021-45485, CVE-2021-45486 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| CLI | CVE-2023-31432, CVE-2023-31425, CVE-2023-31430, CVE-2023-31428, CVE-2023-31429 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| "less" command | CVE-2023-31926 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| "diagstatus" command | CVE-2023-31431 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Linux kernel before 5.16.5 in fs/nfs/dir.c | CVE-2022-24448 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| AES OCB fails to encrypt some bytes | CVE-2022-2097 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
| Logs - "configupload" and "configdownload" | CVE-2023-31426 | See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ |
Affected Products & Remediation
| CVEs Addressed | Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|---|
| CVE-2023-31425, CVE-2021-41617, CVE-2022-0155, CVE-2021-4145, CVE-2022-0778 | Connectrix B-Series | FOS | Versions 9.1.0 through 9.1.1 | Version 9.1.1 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2023-31425, CVE-2021-41617, CVE-2022-0155, CVE-2021-4145, CVE-2022-0778 | Connectrix B-Series | FOS | Versions 9.1.0 through 9.1.1 | Version 9.2.0 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2023-31427, CVE-2023-31428, CVE-2023-31429, CVE-2023-31430, CVE-2023-31431, CVE-2023-31432, CVE-2023-31926, CVE-2023-31927, CVE-2022-44792, CVE-2020-14145, CVE-2021-3800, CVE-2022-23219, CVE-2021-45485, CVE-2021-45486, CVE-2021-0146, CVE-2018-7738, CVE-2022-24448, CVE-2020-36557, CVE-2020-36558 | Connectrix B-Series | FOS | Versions prior to 9.1.1c | Version 9.1.1c or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2023-31427, CVE-2023-31428, CVE-2023-31429, CVE-2023-31430, CVE-2023-31431, CVE-2023-31432, CVE-2023-31926, CVE-2023-31927, CVE-2022-44792, CVE-2020-14145, CVE-2021-3800, CVE-2022-23219, CVE-2021-45485, CVE-2021-45486, CVE-2021-0146, CVE-2018-7738, CVE-2022-24448, CVE-2023-31928, CVE-2022-3786, CVE-2022-3602, CVE-2022-28614, CVE-2022-28615, CVE-2022-0322, CVE-2020-36557, CVE-2020-36558, CVE-2022-29154, CVE-2022-2097, CVE-2011-4917, CVE-2022-2068, CVE-2020-15861, CVE-2012-0060, CVE-2014-2524, CVE-2013-4788, CVE-2022-25313, CVE-2021-20193, CVE-2022-25236, CVE-2022-25235, CVE-2018-14348, CVE-2021-39275 | Connectrix B-Series | FOS | Versions prior to 9.2.0 | Version 9.2.0 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2023-31426, CVE-2022-0778, CVE-2018-7738, CVE-2022-24448, CVE-2020-36557, CVE-2020-36558, CVE-2018-14404 | Connectrix B-Series | FOS | Versions prior to 8.2.3d | Version 8.2.3d or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2022-0778 | Connectrix B-Series | FOS | Versions prior to 9.0.1e | Version 9.01e or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2019-0220 | Connectrix B-Series | FOS | Versions prior to 9.0.0 | Version 9.0.0 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2022-25236 | Connectrix B-Series | FOS | Versions prior to 9.2.1 | Version 9.2.1 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2022-25236, CVE-2022-25235 | Connectrix B-Series | FOS | Versions prior to 9.1.1d | Version 9.1.1d or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2022-25235 | Connectrix B-Series | FOS | Versions prior to 8.2.3e | Version 8.2.3e or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2021-39275, CVE-2022-28169 | Connectrix B-Series | FOS | Versions prior to 9.1.1 | Version 9.1.1 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2021-39275, CVE-2022-28169 | Connectrix B-Series | FOS | Versions prior to 9.0.1e | Version 9.0.1e or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2021-39275, CVE-2018-0739, CVE-2022-28169 | Connectrix B-Series | FOS | Versions prior to 8.2.3c | Version 8.2.3c or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2021-39275, CVE-2018-0739 | Connectrix B-Series | FOS | Versions prior to 8.2.0_CBN5 | Version 8.2.0_CBN5 or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2021-39275 | Connectrix B-Series | FOS | Versions prior to 7.4.2j | Version 7.4.2j or later | https://www.dell.com/support/home/product-support/product/connectrix-b-series-hardware/overview |
| CVE-2018-25032 | Connectrix B-Series | SANnav | Versions prior to 2.2.2 | Version 2.2.2 or later | https://www.dell.com/support/home/product-support/product/connectrix-sannav/drivers |
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-08-02 | Initial Release |
| 2.0 | 2023-09-25 | Added additional CVE (CVE-2022-28169) to Third Party and Affected Product and Remediation Tables. Added new Third Party Components related to existing CVE's already documented: |
| 3.0 | 2025-02-11 | Updated for enhanced format presentation with no changes to content |