DSA-2025-152: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Resumen: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

Critical

Detalles

Third-party Component CVEs More Information
VMware ESXi 8.0.3 and vCenter Server 8.0.3 CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 VMSA-2025-0010This hyperlink is taking you to a website outside of Dell Technologies.
vCenter Server 8.0.3 Security Updates CVE-2022-48554, CVE-2023-49582,CVE-2023-5388,CVE-2024-0743,CVE-2024-0760,CVE-2024-1737,CVE-2024-1975,CVE-2024-24557,CVE-2024-26458,CVE-2024-26461,CVE-2024-26857,CVE-2024-26885,CVE-2024-26898,CVE-2024-26921,CVE-2024-27072,CVE-2024-34397,CVE-2024-34750,CVE-2024-35965,CVE-2024-35973,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-4076,CVE-2024-41073,CVE-2024-4317,CVE-2024-43790,CVE-2024-43802,CVE-2024-43829,CVE-2024-44931,CVE-2024-45306,CVE-2024-46695,CVE-2024-46854,CVE-2024-47672,CVE-2024-47674,CVE-2024-47814,CVE-2024-49955,CVE-2024-49959,CVE-2024-49967,CVE-2024-49973,CVE-2024-49975,CVE-2024-49983,CVE-2024-49993,CVE-2024-50001,CVE-2024-50006,CVE-2024-50008,CVE-2024-50010,CVE-2024-50015,CVE-2024-50024,CVE-2024-50039,CVE-2024-50040,CVE-2024-50044,CVE-2024-50045,CVE-2024-50046,CVE-2024-50049,CVE-2024-50058,CVE-2024-50072,CVE-2024-50082,CVE-2024-50083,CVE-2024-50095,CVE-2024-50115,CVE-2024-50117,CVE-2024-50131,CVE-2024-50134,CVE-2024-50142,CVE-2024-50148,CVE-2024-50167,CVE-2024-50179,CVE-2024-50185,CVE-2024-50201,CVE-2024-50202,CVE-2024-50228,CVE-2024-50237,CVE-2024-50251,CVE-2024-50262,CVE-2024-6119,CVE-2024-6197,CVE-2024-6345,CVE-2024-7348,CVE-2024-9681, CVE-2024-42322,CVE-2024-44987,CVE-2024-44998,CVE-2024-44999,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492,CVE-2024-6923,CVE-2024-7264, CVE-2024-2397, CVE-2024-23807, CVE-2023-52323 https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-appliance-photonos-security-patches.htmlThis hyperlink is taking you to a website outside of Dell Technologies.
Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 DSA-2025-085

Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities

 CVE-2024-24852, CVE-2024-36274 DSA-2025-042

Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.3 IPU)

 CVE-2024-25565 DSA-2024-308

Security Update for Dell iDRAC9 Vulnerabilities

 CVE-2023-52340, CVE-2024-42154 DSA-2024-460
Security Update for Dell AMD-based PowerEdge Server Vulnerabilities CVE-2024-21944 DSA-2024-404
Dell PowerEdge Server Security Update for Intel® Processor Vulnerabilities CVE-2024-21853 DSA-2024-383
SUSE Updates CVE-2025-22868, CVE-2025-22869 https://www.suse.com/This hyperlink is taking you to a website outside of Dell Technologies.
SQLite CVE-2023-7104 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
CPython CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
OpenSSL CVE-2024-2511 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
urllib3 CVE-2024-37891 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
Python-Requests CVE-2023-32681 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.
XZ Utils CVE-2024-47611, CVE-2020-22916 https://nvd.nist.gov/vuln/searchThis hyperlink is taking you to a website outside of Dell Technologies.

 

Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions 8.0.000 through 8.0.322 Version 8.0.330 or later https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Product Affected Versions Remediated Versions Link
Dell VxRail Appliance Versions 8.0.000 through 8.0.322 Version 8.0.330 or later https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers

 

Soluciones alternativas y mitigaciones

CVE ID Workaround and Mitigation
CVE-2023-48795 https://www.dell.com/support/kbdoc/en-us/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance

 

Historial de revisiones

Revision DateDescription
1.02025-04-30Initial Release
2.02025-05-28Added CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 pertaining to VMSA-2025-0010 and mitigation for CVE-2023-48795

 

Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

VxRail, VMware, VxRail Appliance Series
Propiedades del artículo
Número del artículo: 000314560
Tipo de artículo: Dell Security Advisory
Última modificación: 28 may 2025
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.