DSA-2025-300: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Multiple Third-Party Component Vulnerabilities

Table des matières

Article détaillé

Impact

Produits touchés et correction

Historique de révision

Informations connexes

Avis de non-responsabilité

Produits touchés

Envoyez vos commentaires

Sommaire: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...

Cet article s’applique à Cet article ne s’applique pas à Cet article n’est lié à aucun produit spécifique. Toutes les versions de produits ne sont pas identifiées dans cet article.

Consulter d’autres ressources

Impact

Critical

Détails

Third-party Component	CVEs	More Information
Hypervisor Manager	CVE-2025-22224, CVE-2025-22225, CVE-2025-22226, CVE-2024-37086, CVE-2024-22273	VMSA-2024-0013, VMSA-2024-0011, VMSA-2025-0004
Appliance OS	CVE-2019-17571, CVE-2020-9488, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2023-26464, CVE-2008-5161, CVE-2016-0909, CVE-2023-23931, CVE-2024-45774, CVE-2024-45775, CVE-2024-45776, CVE-2024-45777, CVE-2024-45778, CVE-2024-45779, CVE-2024-45780, CVE-2024-45781, CVE-2024-45782, CVE-2024-45783, CVE-2024-56737, CVE-2025-0622, CVE-2025-0624, CVE-2025-0677, CVE-2025-0678, CVE-2025-0684, CVE-2025-0685, CVE-2025-0686, CVE-2025-0689, CVE-2025-0690, CVE-2025-1118, CVE-2025-1125, CVE-2025-0167, CVE-2025-0725, CVE-2024-52533, CVE-2022-48960, CVE-2024-47685, CVE-2024-52533, CVE-2024-50379, CVE-2024-50058, CVE-2024-50047, CVE-2024-50045, CVE-2024-50035, CVE-2024-50033, CVE-2024-50024, CVE-2024-50007, CVE-2024-50006, CVE-2024-49996, CVE-2024-49995, CVE-2024-49991, CVE-2024-49982, CVE-2024-49967, CVE-2024-49966, CVE-2024-49965, CVE-2024-49962, CVE-2024-49959, CVE-2024-49958, CVE-2024-49957, CVE-2024-49949, CVE-2024-49936, CVE-2024-49929, CVE-2024-49920, CVE-2024-49901, CVE-2024-49896, CVE-2024-49894, CVE-2024-49891, CVE-2024-49890, CVE-2024-49883, CVE-2024-49882, CVE-2024-49881, CVE-2024-49877, CVE-2024-49860, CVE-2024-49851, CVE-2024-47749, CVE-2024-47745, CVE-2024-47742, CVE-2024-47737, CVE-2024-47735, CVE-2024-47713, CVE-2024-47707, CVE-2024-47706, CVE-2024-47698, CVE-2024-47697, CVE-2024-47696, CVE-2024-47685, CVE-2024-47684, CVE-2024-47674, CVE-2024-47673, CVE-2024-47672, CVE-2024-47670, CVE-2024-46848, CVE-2024-46841, CVE-2024-46840, CVE-2024-46834, CVE-2024-46826, CVE-2024-46818, CVE-2024-46816, CVE-2024-46813, CVE-2024-46809, CVE-2024-46802, CVE-2024-46755, CVE-2024-46724, CVE-2024-44958, CVE-2024-44931, CVE-2024-42253, CVE-2024-42145, CVE-2024-42114, CVE-2024-41082, CVE-2024-41016, CVE-2024-40965, CVE-2024-39476, CVE-2024-38538, CVE-2024-27043, CVE-2024-26804, CVE-2023-6270, CVE-2023-52919, CVE-2023-52918, CVE-2023-52898, CVE-2023-52881, CVE-2023-46343, CVE-2022-49029, CVE-2022-49028, CVE-2022-49027, CVE-2022-49026, CVE-2022-49021, CVE-2022-49020, CVE-2022-49015, CVE-2022-49014, CVE-2022-49011, CVE-2022-49010, CVE-2022-49002, CVE-2022-49000, CVE-2022-48997, CVE-2022-48992, CVE-2022-48991, CVE-2022-48988, CVE-2022-48985, CVE-2022-48978, CVE-2022-48973, CVE-2022-48972, CVE-2022-48971, CVE-2022-48969, CVE-2022-48967, CVE-2022-48966, CVE-2022-48962, CVE-2022-48960, CVE-2022-48958, CVE-2022-48956, CVE-2022-48951, CVE-2022-48949, CVE-2022-48946, CVE-2022-48809, CVE-2022-48790, CVE-2022-48789, CVE-2022-48788, CVE-2021-47612, CVE-2021-47416, CVE-2021-47163, CVE-2021-46936	https://nvd.nist.gov/vuln/search
iDRAC	CVE-2025-26465, CVE-2025-26466, CVE-2024-45490, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-4741, CVE-2024-6119, CVE-2024-9143, CVE-2023-48795, CVE-2024-25943, CVE-2023-29499, CVE-2024-38433	DSA-2024-460, DSA-2024-342,DSA-2024-295, DSA-2024-286, DSA-2024-223, DSA-2024-099, DSA-2024-021
iDRAC9	CVE-2025-22397, CVE-2024-48012	DSA-2025-376, DSA-2025-046
BIOS	CVE-2024-38796, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-28956, CVE-2024-36293, CVE-2024-39279, CVE-2024-31157, CVE-2024-28047, CVE-2023-52340, CVE-2024-42154, CVE-2024-38665, CVE-2024-23919, CVE-2024-34023, CVE-2024-34170, CVE-2024-38304, CVE-2024-38303, CVE-2024-23599, CVE-2023-22351, CVE-2024-21871, CVE-2023-25546, CVE-2023-42772, CVE-2024-21829, CVE-2024-21781, CVE-2023-41833, CVE-2023-43753, CVE-2024-23984, CVE-2024-24968, CVE-2024-6387, CVE-2024-22374, CVE-2024-21801, CVE-2024-24580, CVE-2024-22376, CVE-2024-21810, CVE-2024-23497, CVE-2024-23981, CVE-2024-24986, CVE-2024-21807, CVE-2024-21769, CVE-2024-24983, CVE-2024-23499, CVE-2024-21806, CVE-2024-24853, CVE-2024-21828, CVE-2023-47165, CVE-2023-39432, CVE-2023-33870, CVE-2023-29153, CVE-2024-0173, CVE-2024-0154, CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45236, CVE-2023-45237, CVE-2023-32460, CVE-2022-40982, CVE-2022-43505, CVE-2023-22276, CVE-2023-25775, CVE-2024-0172, CVE-2022-38087, CVE-2023-25537, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578, CVE-2022-30539, CVE-2022-32231, CVE-2022-26837, CVE-2022-30704, CVE-2021-0187, CVE-2022-26343, CVE-2024-24852, CVE-2024-36274, CVE-2024-37020	DSA-2025-042, DSA-2025-041, DSA-2025-038, DSA-2024-383, DSA-2024-359, DSA-2024-310, DSA-2024-309, DSA-2024-308, DSA-2024-206, DSA-2024-035, DSA-2024-034, DSA-2024-001, DSA-2023-357, DSA-2023-208, DSA-2023-206, DSA-2023-134, DSA-2023-098, DSA-2023-097, DSA-2023-096, DSA-2023-014
Apache Tomcat	CVE-2024-50379, CVE-2025-31650, CVE-2025-31651, CVE-2024-52316, CVE-2024-38286, CVE-2024-34750	https://nvd.nist.gov/vuln/search

Dell Technologies recommande à tous ses clients de tenir compte à la fois du score de base CVSS et de tous les scores temporels et environnementaux pertinents qui pourraient avoir une incidence sur la gravité potentielle associée à une vulnérabilité de sécurité particulière.

Produits touchés et correction

Product	Software/Firmware	Affected Versions	Remediated Versions	Link
PowerProtect Data Protection Hardware	PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP4400 and DP5900 Appliances PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP8xxx Appliances	Versions prior to 2.7.9	Version 2.7.9 or later	PowerProtect Data Protection Hardware \| Drivers & Downloads

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

PowerProtect Data Protection Hardware

PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP4400 and DP5900 Appliances

PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP8xxx Appliances

Versions prior to 2.7.9

Version 2.7.9 or later

PowerProtect Data Protection Hardware | Drivers & Downloads

Product	Software/Firmware	Affected Versions	Remediated Versions	Link
PowerProtect Data Protection Hardware	PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP4400 and DP5900 Appliances PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP8xxx Appliances	Versions prior to 2.7.9	Version 2.7.9 or later	PowerProtect Data Protection Hardware \| Drivers & Downloads

Product

Software/Firmware

Affected Versions

Remediated Versions

Link

PowerProtect Data Protection Hardware

PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP4400 and DP5900 Appliances

PowerProtect DP Series-IDPA 2.7.9 Upgrade for DP8xxx Appliances

Versions prior to 2.7.9

Version 2.7.9 or later

PowerProtect Data Protection Hardware | Drivers & Downloads

Note:

Dell PowerProtect DP Series Appliance (Integrated Data Protection Appliance) has addressed all the CVEs mentioned in DSA-2025-159.

Historique de révision

Revision	Date	Description
1.0	2025-09-11	Initial release
2.0	2025-09-16	Updated for enhanced presentation with no changes to content
3.0	2025-12-24	Removed CVE-2024-37085 as it was determined there is an effective workaround implemented, mitigating the risk
4.0	2026-01-08	Updated CVE Identifier, Third Party Components to include iDRAC9 CVEs

Renseignements connexes

Avis de non-responsabilité

Produits touchés

PowerProtect Data Protection Appliance, PowerProtect DP4400, PowerProtect DP8300, PowerProtect DP8800, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware , Integrated Data Protection Appliance Software, PowerProtect DP5900, PowerProtect DP8400, PowerProtect DP8900 ...

Numéro d’article: 000368282

Type d’article: Dell Security Advisory

Dernière modification: 08 janv. 2026

Vérifiez si votre appareil est couvert par les services de soutien.

DSA-2025-300: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Multiple Third-Party Component Vulnerabilities

Sommaire: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...

Impact

Détails

Produits touchés et correction

Historique de révision

Renseignements connexes

Avis de non-responsabilité

Produits touchés

Propriétés de l’article

Obtenez des réponses à vos questions auprès d’autre utilisateurs de Dell

Services de soutien

Propriétés de l’article

Obtenez des réponses à vos questions auprès d’autre utilisateurs de Dell

Services de soutien

DSA-2025-300: Security Update for Dell PowerProtect DP Series Appliance (IDPA) Multiple Third-Party Component Vulnerabilities

Sommaire: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ... Afficher plus Afficher moins

Article détaillé

Impact

Détails

Produits touchés et correction

Historique de révision

Informations connexes

Avis de non-responsabilité

Produits touchés

Impact

Détails

Produits touchés et correction

Historique de révision

Renseignements connexes

Avis de non-responsabilité

Produits touchés

Propriétés de l’article

Obtenez des réponses à vos questions auprès d’autre utilisateurs de Dell

Services de soutien

Propriétés de l’article

Obtenez des réponses à vos questions auprès d’autre utilisateurs de Dell

Services de soutien

Sommaire: Dell PowerProtect DP Series Appliance (IDPA) remediation is available for multiple security vulnerabilities in Infrastructure that could be exploited by malicious users to compromise the affected system. ...