DSA-2024-474: Security Update for Dell PowerFlex Rack Multiple Third-Party Component Vulnerabilities
Resumen: Dell PowerFlex Rack remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system
Este artículo se aplica a:
Este artículo no se aplica a:
Este artículo no está vinculado a ningún producto específico.
En este artículo no se identifican todas las versiones de los productos.
Impacto
Critical
Detalles
| Third-party Component | CVEs | More Information |
| Dell PowerEdge Server BIOS | CVE-2023-45745, CVE-2023-47855, CVE-2023-31355, CVE-2024-21978, CVE-2024-21980, CVE-2023-31315, CVE-2023-49141, CVE-2021-26344, CVE-2021-26387, CVE-2021-46772, CVE-2021-46746, CVE-2023-20518, CVE-2023-20578, CVE-2023-20584, CVE-2023-20591, CVE-2023-31356, CVE-2024-21981, CVE-2024-21801, CVE-2024-22374 | DSA-2024-160, DSA-2024-306, DSA-2024-344, DSA-2024-160, DSA-2024-350, DSA-2024-359 |
| iDRAC | CVE-2024-25943, CVE-2023-48795, CVE-2024-38433, CVE-2024-6387, CVE-2023-29499 | DSA-2024-099, DSA-2024-021, DSA-2024-223, DSA-2024-342, DSA-2024-286 |
| OpenSSH | CVE-2020-15778 | https://nvd.nist.gov/vuln/search |
| CUPS | CVE-2024-47176, CVE-2024-47076 | https://nvd.nist.gov/vuln/search |
| Cisco Switches | CVE-2024-20399 | Cisco NX-OS Software CLI Command Injection Vulnerability |
| VMWare | CVE-2024-22273, CVE-2024-22274, CVE-2024-22275, CVE-2024-37086, CVE-2024-37087, CVE-2024-37085, CVE-2024-38812, CVE-2024-38813 | VMSA-2024-0011, VMSA-2024-0013, VMSA-2024-0013 , VMSA-2024-0019 |
| Python-Cryptography | CVE-2023-50782 | https://nvd.nist.gov/vuln/search |
| libexpat | CVE-2023-52425 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2016-2183 | https://nvd.nist.gov/vuln/search |
| SQLparse | CVE-2023-30608 | https://nvd.nist.gov/vuln/search |
| OpenJDK | CVE-2024-21094 | https://nvd.nist.gov/vuln/search |
Productos afectados y corrección
|
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
PowerFlex rack |
RCM |
Versions prior to 3.6.7.0
|
Version 3.6.7.0 or later
|
|
|
PowerFlex rack |
RCM |
Versions prior to 3.8.1.0 |
Version 3.8.1.0 or later |
|
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
PowerFlex rack |
RCM |
Versions prior to 3.6.7.0
|
Version 3.6.7.0 or later
|
|
|
PowerFlex rack |
RCM |
Versions prior to 3.8.1.0 |
Version 3.8.1.0 or later |
- In the case of manual upgrade for PowerFlex rack, please see this link:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-rack-rcm-sw/drivers
Soluciones alternativas y mitigaciones
None
Historial de revisiones
| Revision | Date | Description |
| 1.0 | 2024-12-12 | Initial Release |
| 2.0 | 2025-02-19 | Major update; remediation content: CVE-2023-50782,CVE-2023-52425,CVE-2016-2183, CVE-2023-30608,CVE-2024-21094 added as remediated since the initial release |
| 3.0 | 2025-03-24 | Updated for enhanced presentation with no changes to content |
| 4.0 | 2026-01-29 |
Updated advisory to ensure accurate version tracking
|
Información relacionada
Aviso legal
Productos afectados
PowerFlex rackPropiedades del artículo
Número de artículo: 000259564
Tipo de artículo: Dell Security Advisory
Última modificación: 29 ene 2026
Encuentra las respuestas que necesitas con la ayuda de otros usuarios de Dell
Servicios de asistencia
Comprueba si tu dispositivo está cubierto por los servicios de asistencia.