Article Number: 000220223
DSA-2023-457: Security Update for Dell PowerFlex rack Multiple Third-Party Component Vulnerabilities
Summary: Dell PowerFlex rack remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Article Content
Impact
Critical
Details
| Third-party Component | CVEs | More Information |
|---|---|---|
| Dell PowerEdge Server BIOS | CVE-2022-40982, CVE-2022-43505, CVE-2023-23908, CVE-2022-41804, CVE-2023-20594, CVE-2023-20597, CVE-2021-26345, CVE-2023-20566, CVE-2021-46774, CVE-2022-23820, CVE-2022-23830, CVE-2023-20519, CVE-2023-20521, CVE-2023-20526, CVE-2023-20533, CVE-2021-46766 | DSA-2023-206, DSA-2023-348, DSA-2023-355 |
| VMware vCenter | CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895, CVE-2023-20896, CVE-2023-34048, CVE-2023-34056 | VMSA-2023-0014 , VMSA-2023-0023 |
Affected Products and Remediation
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| PowerFlex rack |
RCM | Versions prior to 3.6.5.0 | Version 3.6.5.0 | RCM release |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
|---|---|---|---|---|
| PowerFlex rack |
RCM | Versions prior to 3.6.5.0 | Version 3.6.5.0 | RCM release |
In the case of manual upgrade for PowerFlex rack, please see this link: https://www.dell.com/support/home/product-support/product/powerflex-rack-rcm-sw/drivers
Revision History
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-12-06 | Initial Release |
Related Information
Legal Information
Article Properties
Affected Product
PowerFlex rack
Last Published Date
06 Dec 2023
Version
1
Article Type
Dell Security Advisory