DSA-2024-336: Dell PowerStore X Security Update for Multiple Vulnerabilities

Summary: Dell PowerStore Family remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component CVEs More Information
Jackson-databind CVE-2023-35116 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
joblib CVE-2022-21797 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
libzck1 CVE-2023-46228 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
postgresql CVE-2024-1597 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
pycrypto CVE-2018-6594 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.
rsync CVE-2020-14387 See NVD link below for individual scores for each CVE. 
http://nvd.nist.gov/This hyperlink is taking you to a website outside of Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 1000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-1000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 3000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-3000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 5000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-5000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 7000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-7000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 9000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-9000/drivers
CVEs Addressed Product Software/Firmware Affected Versions Remediated Versions Link
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 1000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-1000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 3000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-3000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 5000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-5000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 7000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-7000/drivers
CVE-2023-35116, CVE-2022-21797, CVE-2023-46228, CVE-2024-1597, CVE-2018-6594, CVE-2020-14387 PowerStore 9000X PowerStoreX OS Versions prior to 3.2.1.3-2334099 Version 3.2.1.3-2334099 or later https://www.dell.com/support/home/product-support/product/powerstore-9000/drivers

Revision History

RevisionDateDescription
1.02024-08-01Initial Release
2.02024-08-01Updated for enhanced presentation with no changes to content.

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerStore 1000X, PowerStore 3000X, PowerStore 5000X, PowerStore 7000X, PowerStore 9000X, PowerStoreOS
Article Properties
Article Number: 000227490
Article Type: Dell Security Advisory
Last Modified: 01 Aug 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.