DSA-2025-215: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities
Résumé: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Cet article concerne
Cet article ne concerne pas
Cet article n’est associé à aucun produit spécifique.
Toutes les versions du produit ne sont pas identifiées dans cet article.
Impact
Critical
Détails
| Third-party Component | CVEs | More Information |
| VMware ESXi 7.0.3 and vCenter Server 7.0.3 | CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228, CVE-2025-41241 | VMSA-2025-0010 , VMSA-2025-0014 |
| vCenter Server 7.0.3 | CVE-2024-42154,CVE-2024-42224,CVE-2024-38428, CVE-2023-46589, CVE-2024-23672,CVE-2024-24549, CVE-2024-0743,CVE-2024-26458,CVE-2024-26461,CVE-2024-26898,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-6345,CVE-2024-9681,CVE-2024-23807, CVE-2024-44987, CVE-2024-44998, CVE-2024-44999, CVE-2024-46673, CVE-2024-46674, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-27282, CVE-2024-2397, CVE-2023-5115 | VMware vCenter Server Photon OS Security Patches |
| Security Update for Dell AMD-based PowerEdge Server Vulnerability | CVE-2024-36347 | DSA-2025-112 |
| Security Update for Dell PowerEdge Server BIOS for Tianocore EDK2 Vulnerability | CVE-2024-38796 | DSA-2025-038 |
| Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities | CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-24852, CVE-2024-36274 | DSA-2025-042 |
| Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities | CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 | DSA-2025-085 |
| Security Update for Dell PowerEdge Server for Intel 2025 Security Advisories (2025.1 IPU) | CVE-2024-28956, CVE-2024-39279, CVE-2024-28047 | DSA-2025-041 |
| Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.4 IPU) | CVE-2024-31068 | DSA-2024-381 |
| SQLite | CVE-2023-7104 | https://nvd.nist.gov/vuln/search |
| Python | CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 | https://nvd.nist.gov/vuln/search |
| CPython | CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2024-2511 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2024-37891 | https://nvd.nist.gov/vuln/search |
| Python-Requests | CVE-2023-32681 | https://nvd.nist.gov/vuln/search |
| XZ Utils | CVE-2024-47611, CVE-2020-22916 | https://nvd.nist.gov/vuln/search |
| Security Update for Dell iDRAC9 and iDRAC10 Vulnerabilities | CVE-2025-22397, CVE-2026-26945 | DSA-2025-376 , DSA-2026-113 |
| SUSE Updates | CVE-2025-31650, CVE-2025-31651, CVE-2023-40403, CVE-2024-55549, CVE-2025-24855, CVE-2022-49080, CVE-2024-35949, CVE-2024-50128, CVE-2024-53135, CVE-2024-57948, CVE-2025-21690, CVE-2025-21692, CVE-2025-21699, CVE-2025-27363, CVE-2025-27219, CVE-2025-27220, CVE-2024-47220, CVE-2025-1795, CVE-2025-22868, CVE-2025-22869, CVE-2024-8176, CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053, CVE-2025-32907, CVE-2025-32914, CVE-2025-46420, CVE-2025-46421, CVE-2025-24813, CVE-2024-56337, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698, CVE-2022-49053, CVE-2022-49465, CVE-2022-49739, CVE-2023-52935, CVE-2024-53064, CVE-2024-56651, CVE-2024-58083, CVE-2025-21693, CVE-2025-21714, CVE-2025-21732, CVE-2025-21753, CVE-2025-21772, CVE-2025-32051, CVE-2025-32906, CVE-2025-32909, CVE-2025-32910, CVE-2025-32912, CVE-2025-32913, CVE-2025-32433, CVE-2025-31344 | www.suse.com |
Produits concernés et mesure corrective
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
Solutions de contournement et mesures d’atténuation
| CVE ID | Workaround and Mitigation |
| CVE-2023-48795 | https://www.dell.com/support/kbdoc/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance |
| CVE-2025-2884 | https://www.dell.com/support/kbdoc/000346621 |
| CVE-2025-41236, CVE-2025-41237, CVE-2025-41238,CVE-2025-41239 | https://www.dell.com/support/kbdoc/000343605 |
Historique des révisions
| Revision | Date | Description |
| 1.0 | 2025-05-28 | Initial Release |
| 2.0 | 2025-07-28 | Added mitigation for CVE-2025-2884 |
| 3.0 | 2025-08-12 | Added mitigation for CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 and added CVE-2025-41241 to the advisory. |
| 4.0 | 2025-09-18 | Updated the Mitigation link for CVE-2025-2884 |
| 5.0 | 2025-11-14 | Added CVE-2025-22397 to the remediated table |
| 6.0 | 2026-03-31 | Added CVE-2026-26945 to the remediated table |
Informations connexes
Mention légale
Produits concernés
VxRail, VxRail Appliance Series, VxRail E660, VxRail E660NPropriétés de l’article
Numéro d’article: 000325586
Type d’article: Dell Security Advisory
Dernière modification: 31 mars 2026
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.