DSA-2025-339: Security Update for Dell Avamar Data Store Gen5A Multiple Third-Party Component Vulnerabilities
Yhteenveto: Dell Avamar Data Store Gen5A remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Tämä artikkeli koskee tuotetta
Tämä artikkeli ei koske tuotetta
Tämä artikkeli ei liity tiettyyn tuotteeseen.
Tässä artikkelissa ei yksilöidä kaikkia tuoteversioita.
Vaikutus
Critical
Tiedot
| Third-party Component | CVEs | More Information |
| Dell PowerEdge Server BIOS | CVE-2024-38796, CVE-2024-28956, CVE-2024-45332, CVE-2024-48012 | DSA-2025-038, DSA-2025-041, DSA-2025-156, DSA-2025-046 |
| Integrated Dell Remote Access Controller (iDRAC) | CVE-2025-26466, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2023-6780, CVE-2024-52533, CVE-2023-52340, CVE-2024-42154 | DSA-2025-145. DSA-2025-146, DSA-2024-460 |
Tuotteet, joihin asia vaikuttaa, ja tilanteen korjaaminen
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| Avamar Data Store Gen5A | Dell PowerEdge Server BIOS | Versions prior to 2.24.0 | Version 2.24.0 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
| Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Versions prior to 7.00.00.181 | Version 7.00.00.181 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
| Product | Software/Firmware | Affected Versions | Remediated Versions | Link |
| Avamar Data Store Gen5A | Dell PowerEdge Server BIOS | Versions prior to 2.24.0 | Version 2.24.0 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
| Avamar Data Store Gen5A | Integrated Dell Remote Access Controller (iDRAC) | Versions prior to 7.00.00.181 | Version 7.00.00.181 | Avamar Data Store Gen5A Update for Server Nodes (Hotfix 338901) |
Notes:
- This security includes both newly remedied and past vulnerabilities included in this cumulative update.
- Dell recommends upgrading to the latest release/version of your product. To schedule a platform security patch installation or firmware upgrade, please contact Dell Customer Support.
Known Issue:
- Upgrading directly to the August 2025 firmware, which includes BIOS 2.24.0, may fail on systems running BIOS versions prior to 2.12.2, due to compatibility constraints.
Required Action:
- To verify the BIOS version, run the following command in the Avamar console as an admin/root user:
omreport system version
- If the BIOS version is earlier than 2.12.2 contact Dell Customer Support to apply the September 2021 firmware block (AVP: Gen5aSep2021Blk338753.avp) before installing the August 2025 firmware.
Kiertotavat ja lievennyskeinot
None
Versiohistoria
| Revision | Date | Description |
| 1.0 | 2025-09-01 | Initial Release |
| 2.0 | 2025-10-06 | Replaced the NVD generic search link with the PowerEdge and iDrac advisories |
| 3.0 | 2025-10-22 | Major update to include CVE-2024-48012 |
| 4.0 | 2025-12-30 | Updated 'Additional Information' section |
Asiaan liittyvät tiedot
Vastuuvapauslauseke
Tuotteet, joihin vaikutus kohdistuu
Avamar, Avamar Data Store, Avamar Data Store Gen5A, Avamar ServerArtikkelin ominaisuudet
Artikkelin numero: 000362542
Artikkelin tyyppi: Dell Security Advisory
Viimeksi muutettu: 30 jouluk. 2025
Etsi vastauksia kysymyksiisi muilta Dell-käyttäjiltä
Tukipalvelut
Tarkista, kuuluuko laitteesi tukipalveluiden piiriin.