DSA-2021-186: PowerPath Windows Security Update for OpenSSL_Configuration Utility Vulnerabilities
Résumé: OpenSSL_Configuration Utility for PowerPath Windows contains remediation for SM2 Decryption Buffer Overflow and Read buffer overruns processing ASN.1 strings vulnerabilities that could be exploited by malicious users to compromise the affected systems. OpenSSL is being used for communication between PowerPath Windows host and Management server. OpenSSL is not bundled in PowerPath Windows package. However, separate compiled OpenSSL libraries are provided to customers through Dell EMC download site along with an installation script so that customers can install them separately. As vulnerability has been disclosed in the OpenSSL versions, as a remediation PowerPath engineering will update the download site with the latest OpenSSL libraries. ...
Cet article concerne
Cet article ne concerne pas
Cet article n’est associé à aucun produit spécifique.
Toutes les versions du produit ne sont pas identifiées dans cet article.
Impact
High
Détails
| Third-Party Component |
CVE(s) | More information |
| Third-Party Component | CVE-2021-3711 | https://nvd.nist.gov/vuln/detail/CVE-2021-3711 |
| Third-Party Component | CVE-2021-3712 | https://nvd.nist.gov/vuln/detail/CVE-2021-3712 |
| Third-Party Component |
CVE(s) | More information |
| Third-Party Component | CVE-2021-3711 | https://nvd.nist.gov/vuln/detail/CVE-2021-3711 |
| Third-Party Component | CVE-2021-3712 | https://nvd.nist.gov/vuln/detail/CVE-2021-3712 |
Produits concernés et mesure corrective
| CVE(s) Addressed | Product | Affected Version(s) | Updated Version(s) | Link to Update |
| CVE-2021-3711 | PowerPath Windows |
OpenSSL_Configuration Utility | OpenSSL_Configuration Utility 2.0 | https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers |
| CVE-2021-3712 | PowerPath Windows |
OpenSSL_Configuration Utility | OpenSSL_Configuration Utility 2.0 | https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers |
| CVE(s) Addressed | Product | Affected Version(s) | Updated Version(s) | Link to Update |
| CVE-2021-3711 | PowerPath Windows |
OpenSSL_Configuration Utility | OpenSSL_Configuration Utility 2.0 | https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers |
| CVE-2021-3712 | PowerPath Windows |
OpenSSL_Configuration Utility | OpenSSL_Configuration Utility 2.0 | https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers |
Solutions de contournement et mesures d’atténuation
None
Historique des révisions
| Revision | Date | Description |
| 1.0 | 2021-09-16 | Initial Release |
Informations connexes
Mention légale
Produits concernés
Product Security InformationPropriétés de l’article
Numéro d’article: 000191543
Type d’article: Dell Security Advisory
Dernière modification: 21 nov. 2025
Trouvez des réponses à vos questions auprès d’autres utilisateurs Dell
Services de support
Vérifiez si votre appareil est couvert par les services de support.