DSA-2024-455: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities

Tabla de contenido

Artículo detallado

Impacto

Corrección y productos afectados

Historial de revisiones

Información relacionada

Descargo de responsabilidad

Productos afectados

Deje sus comentarios

Resumen: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Este artículo se aplica a Este artículo no se aplica a Este artículo no está vinculado a ningún producto específico. No se identifican todas las versiones del producto en este artículo.

Consulte estos recursos

Impacto

High

Detalles

Third-Party Component	CVEs	More information
BIOS	CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	https://nvd.nist.gov/
iDRAC	CVE-2024-45762	https://nvd.nist.gov/
Dell SmartFabric OS10	CVE-2022-1012,CVE-2022-21123,CVE-2022-21125,CVE-2022-21166,CVE-2022-32296	https://nvd.nist.gov/

Dell Technologies recomienda que todos los clientes tengan en cuenta tanto la puntuación base como cualquier otra puntuación ambiental y temporal relevante que pueda afectar la posible gravedad asociada con la vulnerabilidad de seguridad en particular.

Corrección y productos afectados

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Archive A300	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Archive A3000	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Hybrid H700	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Hybrid H7000	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2022-1012, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-32296	PowerScale OneFS with Dell PowerSwitch: Z9100, Z9264, S5232, S4112, S4148; Leaf/Spine (LS): Z9100, S5232, Z9264	DNOS	Versions 8.2.0 through 9.10.0	Version 10.5.5.5 or later	Please contact Dell support.

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Archive A300	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Archive A3000	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Hybrid H700	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2021-33164, CVE-2024-24853, CVE-2023-39538, CVE-2023-39539, CVE-2024-21781	PowerScale Hybrid H7000	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2024-45762	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 12.4.1	Version 12.4.1 or later	PowerScale OneFS Downloads Area
CVE-2022-1012, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-32296	PowerScale OneFS with Dell PowerSwitch: Z9100, Z9264, S5232, S4112, S4148; Leaf/Spine (LS): Z9100, S5232, Z9264	DNOS	Versions 8.2.0 through 9.10.0	Version 10.5.5.5 or later	Please contact Dell support.

Note:

We encourage all customers to upgrade to the remediated versions, if an upgrade is not feasible, we recommend customers to review the CVE details further to more accurately determine potential risk to their environment.
To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 12.4 Release Notes documented in Firmware - PowerScale Info Hub.
Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades.
The following PowerScale OneFS with Dell Networking switch running Networking OS10 firmware version 10.5.5.5 or prior :
- Top Of Rack (Flat):Z9100, Z9264, S5232, S4112, S4148
- Leaf/Spine (LS): Z9100, S5232, Z9264

Historial de revisiones

Revision	Date	Description
1.0	2024-12-16	Initial Release
2.0	2024-12-30	major update
3.0	2024-12-30	formatting update with no content changes
4.0	2025-02-06	major update: NFP 12.4.2 with iDRAC related CVEs and associated remediations added
5.0	2025-07-23	Updated for enhanced presentation

Información relacionada

Descargo de responsabilidad

Productos afectados

PowerScale Archive A300, PowerScale Archive A3000, PowerScale B100, PowerScale F200, PowerScale F600, PowerScale F900, PowerScale Hybrid H700, PowerScale Hybrid H7000, PowerScale P100, PowerScale Switch S4112F, PowerScale Switch S4148F , PowerScale Switch S5232F, PowerScale Switch Z9100, PowerScale Switch Z9264 ...

Número del artículo: 000260794

Tipo de artículo: Dell Security Advisory

Última modificación: 23 jul 2025

Compruebe si el dispositivo está cubierto por los servicios de soporte.

DSA-2024-455: Security Update for Dell PowerScale OneFS for Multiple Security Vulnerabilities

Resumen: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Impacto

Detalles

Corrección y productos afectados

Historial de revisiones

Información relacionada

Descargo de responsabilidad

Productos afectados

Propiedades del artículo

Encuentre respuestas a sus preguntas de otros usuarios de Dell

Servicios de soporte

Propiedades del artículo

Encuentre respuestas a sus preguntas de otros usuarios de Dell

Servicios de soporte