DSA-2025-152: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Summary: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Third-party Component CVEs More Information
VMware ESXi 8.0.3 and vCenter Server 8.0.3 CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 VMSA-2025-0010This hyperlink is taking you to a website outside of Dell Technologies.
vCenter Server 8.0.3 Security Updates CVE-2022-48554, CVE-2023-49582,CVE-2023-5388,CVE-2024-0743,CVE-2024-0760,CVE-2024-1737,CVE-2024-1975,CVE-2024-24557,CVE-2024-26458,CVE-2024-26461,CVE-2024-26857,CVE-2024-26885,CVE-2024-26898,CVE-2024-26921,CVE-2024-27072,CVE-2024-34397,CVE-2024-34750,CVE-2024-35965,CVE-2024-35973,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-4076,CVE-2024-41073,CVE-2024-4317,CVE-2024-43790,CVE-2024-43802,CVE-2024-43829,CVE-2024-44931,CVE-2024-45306,CVE-2024-46695,CVE-2024-46854,CVE-2024-47672,CVE-2024-47674,CVE-2024-47814,CVE-2024-49955,CVE-2024-49959,CVE-2024-49967,CVE-2024-49973,CVE-2024-49975,CVE-2024-49983,CVE-2024-49993,CVE-2024-50001,CVE-2024-50006,CVE-2024-50008,CVE-2024-50010,CVE-2024-50015,CVE-2024-50024,CVE-2024-50039,CVE-2024-50040,CVE-2024-50044,CVE-2024-50045,CVE-2024-50046,CVE-2024-50049,CVE-2024-50058,CVE-2024-50072,CVE-2024-50082,CVE-2024-50083,CVE-2024-50095,CVE-2024-50115,CVE-2024-50117,CVE-2024-50131,CVE-2024-50134,CVE-2024-50142,CVE-2024-50148,CVE-2024-50167,CVE-2024-50179,CVE-2024-50185,CVE-2024-50201,CVE-2024-50202,CVE-2024-50228,CVE-2024-50237,CVE-2024-50251,CVE-2024-50262,CVE-2024-6119,CVE-2024-6197,CVE-2024-6345,CVE-2024-7348,CVE-2024-9681, CVE-2024-42322,CVE-2024-44987,CVE-2024-44998,CVE-2024-44999,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492,CVE-2024-6923,CVE-2024-7264, CVE-2024-2397, CVE-2024-23807, CVE-2023-52323 https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-appliance-photonos-security-patches.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 DSA-2025-085

Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

 CVE-2024-24852, CVE-2024-36274 DSA-2025-042

Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.3 IPU)

 CVE-2024-25565 DSA-2024-308

Security Update for Dell iDRAC9 Vulnerabilities

 CVE-2023-52340, CVE-2024-42154 DSA-2024-460
Security Update for Dell AMD-based PowerEdge Server Vulnerabilities CVE-2024-21944 DSA-2024-404
Dell PowerEdge Server Security Update for Intel® Processor Vulnerabilities CVE-2024-21853 DSA-2024-383
SUSE Updates CVE-2025-22868, CVE-2025-22869 https://www.suse.com/This hyperlink is taking you to a website outside of Dell Technologies.
SQLite CVE-2023-7104 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
CPython CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
OpenSSL CVE-2024-2511 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
urllib3 CVE-2024-37891 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python-Requests CVE-2023-32681 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
XZ Utils CVE-2024-47611, CVE-2020-22916 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions 8.0.000 through 8.0.322 Version 8.0.330 or later https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions 8.0.000 through 8.0.322 Version 8.0.330 or later https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Workarounds & Mitigations

CVE ID Workaround and Mitigation
CVE-2023-48795 https://www.dell.com/support/kbdoc/en-us/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance

 

Revision History

Revision DateDescription
1.02025-04-30Initial Release
2.02025-05-28Added CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 pertaining to VMSA-2025-0010 and mitigation for CVE-2023-48795

 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

VxRail, VMware, VxRail Appliance Series
Article Properties
Article Number: 000314560
Article Type: Dell Security Advisory
Last Modified: 28 May 2025
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.