DSA-2024-474: Security Update for Dell PowerFlex Rack Multiple Third-Party Component Vulnerabilities
Yhteenveto: Dell PowerFlex Rack remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system
Tämä artikkeli koskee tuotetta
Tämä artikkeli ei koske tuotetta
Tämä artikkeli ei liity tiettyyn tuotteeseen.
Tässä artikkelissa ei yksilöidä kaikkia tuoteversioita.
Vaikutus
Critical
Tiedot
| Third-party Component | CVEs | More Information |
| Dell PowerEdge Server BIOS | CVE-2023-45745, CVE-2023-47855, CVE-2023-31355, CVE-2024-21978, CVE-2024-21980, CVE-2023-31315, CVE-2023-49141, CVE-2021-26344, CVE-2021-26387, CVE-2021-46772, CVE-2021-46746, CVE-2023-20518, CVE-2023-20578, CVE-2023-20584, CVE-2023-20591, CVE-2023-31356, CVE-2024-21981, CVE-2024-21801, CVE-2024-22374 | DSA-2024-160, DSA-2024-306, DSA-2024-344, DSA-2024-160, DSA-2024-350, DSA-2024-359 |
| iDRAC | CVE-2024-25943, CVE-2023-48795, CVE-2024-38433, CVE-2024-6387, CVE-2023-29499 | DSA-2024-099, DSA-2024-021, DSA-2024-223, DSA-2024-342, DSA-2024-286 |
| OpenSSH | CVE-2020-15778 | https://nvd.nist.gov/vuln/search |
| CUPS | CVE-2024-47176, CVE-2024-47076 | https://nvd.nist.gov/vuln/search |
| Cisco Switches | CVE-2024-20399 | Cisco NX-OS Software CLI Command Injection Vulnerability |
| VMWare | CVE-2024-22273, CVE-2024-22274, CVE-2024-22275, CVE-2024-37086, CVE-2024-37087, CVE-2024-37085, CVE-2024-38812, CVE-2024-38813 | VMSA-2024-0011, VMSA-2024-0013, VMSA-2024-0013 , VMSA-2024-0019 |
| Python-Cryptography | CVE-2023-50782 | https://nvd.nist.gov/vuln/search |
| libexpat | CVE-2023-52425 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2016-2183 | https://nvd.nist.gov/vuln/search |
| SQLparse | CVE-2023-30608 | https://nvd.nist.gov/vuln/search |
| OpenJDK | CVE-2024-21094 | https://nvd.nist.gov/vuln/search |
| JQuery | CVE-2020-11023 | https://nvd.nist.gov/vuln/search |
Tuotteet, joihin asia vaikuttaa, ja tilanteen korjaaminen
|
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
PowerFlex rack |
RCM |
Versions prior to 3.6.7.0
|
Version 3.6.7.0 or later
|
|
|
PowerFlex rack |
RCM |
Versions prior to 3.8.1.0 |
Version 3.8.1.0 or later |
|
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
PowerFlex rack |
RCM |
Versions prior to 3.6.7.0
|
Version 3.6.7.0 or later
|
|
|
PowerFlex rack |
RCM |
Versions prior to 3.8.1.0 |
Version 3.8.1.0 or later |
- In the case of manual upgrade for PowerFlex rack, please see this link:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-rack-rcm-sw/drivers
Kiertotavat ja lievennyskeinot
None
Versiohistoria
|
Revision |
Date |
Description |
|
1.0 |
2024-12-12 |
Initial Release |
|
2.0 |
2025-02-19 |
Major update; remediation content: |
|
3.0 |
2025-03-24 |
Major update, remediation content: |
Asiaan liittyvät tiedot
Vastuuvapauslauseke
Tuotteet, joihin vaikutus kohdistuu
PowerFlex rackArtikkelin ominaisuudet
Artikkelin numero: 000259564
Artikkelin tyyppi: Dell Security Advisory
Viimeksi muutettu: 24 maalisk. 2025
Etsi vastauksia kysymyksiisi muilta Dell-käyttäjiltä
Tukipalvelut
Tarkista, kuuluuko laitteesi tukipalveluiden piiriin.