DSA-2024-039: Security Update for Dell AMD-based PowerEdge Server Vulnerability

Resumen: Dell PowerEdge Server remediation is available for AMD Server vulnerability that could be exploited by malicious users to compromise the affected systems.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.
Consulte estos recursos

Impacto

Medium

Detalles

Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-0171 Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources. 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:LThis hyperlink is taking you to a website outside of Dell Technologies.
Proprietary Code CVEs Description CVSS Base Score CVSS Vector String
CVE-2024-0171 Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low privileged attacker could potentially exploit this vulnerability to gain access to otherwise unauthorized resources. 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:LThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

Product Software/Firmware Affected Versions Remediated Versions Link
PowerEdge R6615  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r6615/drivers
PowerEdge R7615  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r7615/drivers
PowerEdge R6625  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r6625/drivers
PowerEdge R7625  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r7625/drivers
PowerEdge C6615  BIOS  Versions prior to 1.3.3  Version 1.3.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-c6615/drivers
Dell XC Core XC7625 BIOS Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/dell-xc7625-core/drivers
Product Software/Firmware Affected Versions Remediated Versions Link
PowerEdge R6615  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r6615/drivers
PowerEdge R7615  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r7615/drivers
PowerEdge R6625  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r6625/drivers
PowerEdge R7625  BIOS  Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-r7625/drivers
PowerEdge C6615  BIOS  Versions prior to 1.3.3  Version 1.3.3 or later  https://www.dell.com/support/home/product-support/product/poweredge-c6615/drivers
Dell XC Core XC7625 BIOS Versions prior to 1.8.3  Version 1.8.3 or later  https://www.dell.com/support/home/product-support/product/dell-xc7625-core/drivers
The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Historial de revisiones

RevisionDateDescription
1.02024-06-24Initial release
2.02024-11-08Format update with no content change

Información relacionada

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Descargo de responsabilidad

Productos afectados

Dell XC Core XC7625, PowerEdge C6615, PowerEdge R6615, PowerEdge R6625, PowerEdge R7615, PowerEdge R7625
Propiedades del artículo
Número del artículo: 000226253
Tipo de artículo: Dell Security Advisory
Última modificación: 11 nov 2024
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.