Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000218009

DSA-2023-328: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax vApp, Dell Solutions Enabler, Dell Solutions Enabler vApp, Dell Unisphere 360, Dell VASA Provider vApp, and Dell PowerMax EEM Security Update for Multiple Vulnerabilities

Summary: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler, Dell Solutions Enabler Virtual Appliance, Dell Unisphere 360, Dell VASA Provider Virtual Appliance, and Dell PowerMax Embedded Management remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. ...

Article Content

Impact

High

Details

Third-party Component CVEs More Information
Microsoft Visual C++ 2010 CVE-2010-3190 See NVD link below for individual scores for each CVE.
http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
openSSL CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304 See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SLES 12 SP5 CVE-2020-36691, CVE-2021-37600, CVE-2022-3566, CVE-2022-4304, CVE-2022-43945, CVE-2022-45884, CVE-2022-45885, CVE-2022-45886, CVE-2022-45887, CVE-2022-45919, CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804, CVE-2023-1077, CVE-2023-1079, CVE-2023-1249, CVE-2023-1380, CVE-2023-1611, CVE-2023-1637, CVE-2023-1670, CVE-2023-1855, CVE-2023-1981, CVE-2023-1989, CVE-2023-1990, CVE-2023-1998, CVE-2023-2002, CVE-2023-2124, CVE-2023-2162, CVE-2023-2176, CVE-2023-2194, CVE-2023-2269, CVE-2023-2453, CVE-2023-2483, CVE-2023-2513, CVE-2023-25180, CVE-2023-2603, CVE-2023-2650, CVE-2023-2828, CVE-2023-28466, CVE-2023-28484, CVE-2023-29383, CVE-2023-29469, CVE-2023-29491, CVE-2023-2953, CVE-2023-30772, CVE-2023-3090, CVE-2023-31084, CVE-2023-3111, CVE-2023-3138, CVE-2023-3141, CVE-2023-31436, CVE-2023-3159, CVE-2023-3161, CVE-2023-32269, CVE-2023-32324, CVE-2023-3268, CVE-2023-3358, CVE-2023-35824, CVE-2023-36664 See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
SLES 15 SP2 CVE-2022-39188, CVE-2022-36879, CVE-2022-32250, CVE-2022-3028, CVE-2022-2977, CVE-2022-29581, CVE-2022-2905, CVE-2022-2663, CVE-2022-2639, CVE-2022-26373, CVE-2022-2588, CVE-2022-20369, CVE-2022-20368, CVE-2022-20166, CVE-2022-1012, CVE-2021-4203, CVE-2021-4155, CVE-2020-36516, CVE-2020-27784, CVE-2020-26159, CVE-2019-19246, CVE-2019-19204, CVE-2019-19203, CVE-2019-16163, CVE-2019-13224, CVE-2022-31163, CVE-2023-22796, CVE-2020-14001, CVE-2022-44572, CVE-2022-44571, CVE-2022-44570, CVE-2022-32209, CVE-2022-31163 See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Oracle CVE-2023-22043, CVE-2023-22041, CVE-2023-22051, CVE-2023-25193, CVE-2023-22044, CVE-2023-22045, CVE-2023-22049, CVE-2023-22036, CVE-2023-22006 See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
Windows 10 CVE-2023-35367, CVE-2023-35302, CVE-2023-33155, CVE-2023-35309, CVE-2023-32054, CVE-2023-35363, CVE-2023-35358, CVE-2023-32044, CVE-2023-35306, CVE-2023-35361, CVE-2023-35299, CVE-2023-32085, CVE-2023-32056, CVE-2023-33174, CVE-2023-36884, CVE-2023-35357, CVE-2023-35303, CVE-2023-32055, CVE-2023-33154, CVE-2023-35304, CVE-2023-35296, CVE-2023-35362, CVE-2023-35366, CVE-2023-35308, CVE-2023-32038, CVE-2023-33168, CVE-2023-36871, CVE-2023-35365, CVE-2023-32053, CVE-2023-32037, CVE-2023-33169, CVE-2023-35356, CVE-2023-35305, CVE-2023-32057, CVE-2023-21526, CVE-2023-36874, CVE-2023-35364, CVE-2023-35360, CVE-2023-35353, CVE-2023-35343, CVE-2023-35342, CVE-2023-35341, CVE-2023-35340, CVE-2023-35339, CVE-2023-35338, CVE-2023-35336, CVE-2023-35332, CVE-2023-35330, CVE-2023-35329, CVE-2023-35328, CVE-2023-35326, CVE-2023-35325, CVE-2023-35324, CVE-2023-35320, CVE-2023-35319, CVE-2023-35318, CVE-2023-35316, CVE-2023-35315, CVE-2023-35314, CVE-2023-35313, CVE-2023-35312, CVE-2023-35300, CVE-2023-35297, CVE-2023-32084, CVE-2023-32049, CVE-2023-32046, CVE-2023-32045, CVE-2023-32043, CVE-2023-32042, CVE-2023-32041, CVE-2023-32040, CVE-2023-32039, CVE-2023-32035, CVE-2023-32034, CVE-2023-33173, CVE-2023-33172, CVE-2023-33167, CVE-2023-33166, CVE-2023-33164, CVE-2023-21756, CVE-2023-24936, CVE-2023-32030, CVE-2023-24895, CVE-2023-29331, CVE-2023-24897, CVE-2023-29326, CVE-2023-32019, CVE-2023-32017, CVE-2023-32016, CVE-2023-32015, CVE-2023-32014, CVE-2023-32011, CVE-2023-32009, CVE-2023-32008, CVE-2023-29373, CVE-2023-29372, CVE-2023-29371, CVE-2023-29370, CVE-2023-29368, CVE-2023-29365, CVE-2023-29364, CVE-2023-29363, CVE-2023-29360, CVE-2023-29359, CVE-2023-29358, CVE-2023-29351, CVE-2023-29346, CVE-2023-24938, CVE-2023-24937, CVE-2023-24949, CVE-2023-24947, CVE-2023-24903, CVE-2023-29325, CVE-2023-29324, CVE-2023-24948, CVE-2023-24946, CVE-2023-24945, CVE-2023-24944, CVE-2023-24943, CVE-2023-24942, CVE-2023-24901, CVE-2023-24940, CVE-2023-24900, CVE-2023-24939, CVE-2023-28283, CVE-2023-28251, CVE-2023-24932 See NVD link below for individual scores for each CVE. http://nvd.nist.gov/ This hyperlink is taking you to a website outside of Dell Technologies.
 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products and Remediation

Product Software/Firmware Affected Versions Updated Versions Link
Unisphere for PowerMax Host Installation Versions prior to 9.2.4.6 Version 9.2.4.6 https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance Versions prior to 9.2.4.6 Version 9.2.4.6 https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers
Unisphere 360 Host Installation Versions prior to 9.2.4.8 Version 9.2.4.8 https://www.dell.com/support/home/product-support/product/unisphere-360/drivers
Solutions Enabler Host Installation Versions prior to 9.2.4.3 Version 9.2.4.3 https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance Versions prior to 9.2.4.3 Version 9.2.4.3 https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers
eVASA Provider Embedded Versions prior to 9.2.4.34 Version 9.2.4.34 Contact customer support and request DSA-2023-212
VASA Provider Standalone Versions prior to 9.2.4.30 Version 9.2.4.30 https://www.dell.com/support/home/product-support/product/vasa-provider/drivers
Unisphere for PowerMax Host Installation Versions prior to 10.0.1.7 Version 10.0.1.7 https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers
Solutions Enabler Host Installation Versions prior to 10.0.1.3 Version 10.0.1.3 https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers
eVASA Provider Embedded Versions prior to 10.0.1.469 Version 10.0.1.469 Contact customer support and request DSA-2023-328
PowerMaxOS 5978 PowerMax OS Version 5978 Version 5978 Contact customer support and request DSA-2023-328
Product Software/Firmware Affected Versions Updated Versions Link
Unisphere for PowerMax Host Installation Versions prior to 9.2.4.6 Version 9.2.4.6 https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers
Unisphere for PowerMax Virtual Appliance Versions prior to 9.2.4.6 Version 9.2.4.6 https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers
Unisphere 360 Host Installation Versions prior to 9.2.4.8 Version 9.2.4.8 https://www.dell.com/support/home/product-support/product/unisphere-360/drivers
Solutions Enabler Host Installation Versions prior to 9.2.4.3 Version 9.2.4.3 https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers
Solutions Enabler Virtual Appliance Versions prior to 9.2.4.3 Version 9.2.4.3 https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers
eVASA Provider Embedded Versions prior to 9.2.4.34 Version 9.2.4.34 Contact customer support and request DSA-2023-212
VASA Provider Standalone Versions prior to 9.2.4.30 Version 9.2.4.30 https://www.dell.com/support/home/product-support/product/vasa-provider/drivers
Unisphere for PowerMax Host Installation Versions prior to 10.0.1.7 Version 10.0.1.7 https://www.dell.com/support/home/product-support/product/unisphere-powermax/drivers
Solutions Enabler Host Installation Versions prior to 10.0.1.3 Version 10.0.1.3 https://www.dell.com/support/home/product-support/product/solutions-enabler/drivers
eVASA Provider Embedded Versions prior to 10.0.1.469 Version 10.0.1.469 Contact customer support and request DSA-2023-328
PowerMaxOS 5978 PowerMax OS Version 5978 Version 5978 Contact customer support and request DSA-2023-328

Workarounds and Mitigations

None.

Revision History

RevisionDateDescription
1.02023-09-27Initial Version
2.02023-10-04Added hyperlinks for support.
3.02023-10-13Updated for enhanced presentation without any changes to content.
4.02023-10-16Removed Statement "Not Available until 10/16/2023" from the Affected Products and Remediation Table for Product PowerMaxOS 5978. 
5.02023-10-17Updated for enhanced presentation without any changes to content.
6.02023-12-01Updated for enhanced presentation with no change to content.
7.02023-12-14Added to "Third-Party Component" table additional third-party component VC2010 with CVE-2010-3190
Updated "Revision History" table, version 6 had incorrect date of 2323 for the year, updated to 2023
8.02023-12-12

Updated "Third-Party Component" table to include "Microsoft Visual C++ 2010 " for clarity.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Information

Article Properties

Affected Product

PowerMax, PowerMax, PowerMax 2000, PowerMax 2500, PowerMax 8000, PowerMax 8500, PowerMax Engine, PowerMaxOS 5978, Solutions Enabler, Unisphere 360, Unisphere for PowerMax, VASA Provider

Last Published Date

15 Dec 2023

Version

8

Article Type

Dell Security Advisory

Back to Top