DSA-2023-459: Beveiligingsupdate voor Dell PowerScale OneFS voor meerdere kwetsbaarheden in componenten van derden

Summary: Dell PowerScale OneFS oplossing is beschikbaar voor meerdere beveiligingslekken in knooppuntfirmware die door kwaadwillende gebruikers kunnen worden misbruikt om het getroffen systeem in gevaar te brengen. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Impact

Critical

Details

Component van derden CVE's Meer informatie
Intel BIOS CVE-2023-25537, CVE-2023-0215, CVE-2023-0286, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578, CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670, CVE-2017-5715 DSA-2023-098, DSA-2023-134, INTEL-SA-00717Deze hyperlink leidt u naar een website buiten Dell Technologies., DSA-2023-097
Dell SmartFabric OS10 CVE-2023-28078 https://nvd.nist.gov/vuln/detail/CVE-2023-28078 Deze hyperlink leidt u naar een website buiten Dell Technologies.

Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.

Affected Products & Remediation

CVE's aangepakt Product Software/firmware Versie waarin dit probleem optreedt Herstelde versie Koppeling
CVE-2023-28078 PowerScale OneFS met Dell Networking switch waarop Networking OS10-firmware wordt uitgevoerd DNOS     Eerdere versies dan 10.5.2.13 10.5.2.13 SmartFabric OS10 drivers en downloads
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon A200 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon A2000 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Archive A300 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Archive A3000 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale B100 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale F200 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale F600 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 PowerScale F800 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 PowerScale F810 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578, CVE-2023-25537, CVE-2022-32231, CVE-2022-26343 PowerScale F900 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H400 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H500 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H600 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H5600 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Hybrid H700 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Hybrid H7000 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale P100 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE's aangepakt Product Software/firmware Versie waarin dit probleem optreedt Herstelde versie Koppeling
CVE-2023-28078 PowerScale OneFS met Dell Networking switch waarop Networking OS10-firmware wordt uitgevoerd DNOS     Eerdere versies dan 10.5.2.13 10.5.2.13 SmartFabric OS10 drivers en downloads
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon A200 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon A2000 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Archive A300 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Archive A3000 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale B100 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale F200 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale F600 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 PowerScale F800 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 PowerScale F810 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2021-38578, CVE-2023-25537, CVE-2022-32231, CVE-2022-26343 PowerScale F900 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H400 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H500 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H600 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2022-0778, CVE-2021-3711, CVE-2021-3712, CVE-2021-30004, CVE-2020-8670 Isilon H5600 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Hybrid H700 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2021-30004, CVE-2017-5715 PowerScale Hybrid H7000 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
CVE-2023-25537, CVE-2023-0215, CVE-2022-4450, CVE-2023-0286, CVE-2022-4304, CVE-2022-32231, CVE-2022-26343, CVE-2021-38578 PowerScale P100 PowerScale Node Firmware Package Versies vóór 12.0 Versie 12.0 of hoger PowerScale OneFS downloadgebied
Bekijk het firmware-evaluatierapport om te bepalen voor welke knooppunten een upgrade nodig is. Zie voor instructies over het voltooien van de evaluatie en het rapport het gedeelte Een firmware-evaluatie uitvoeren in de releaseopmerkingen.
CVE-2023-28078 bevat PowerScale OneFS-versies 8.2.x t/m 9.7.0.x met DNOS-versie vóór 10.5.2.13

Revision History

RevisieDatumBeschrijving
1.02024-01-04Eerste release
2.02024-01-17De CVE's van AMI BIOS en Intel BIOS zijn gecombineerd in één rij
3,02024-02-26CVE-2023-28078 toegevoegd aan de DSA
4.02024-05-22Bijgewerkt voor verbeterde presentatie zonder wijzigingen in de inhoud. 

Related Information

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Legal Disclaimer

Affected Products

PowerScale, Isilon A200, Isilon A2000, Isilon H400, Isilon H500, Isilon H5600, Isilon H600, PowerScale OneFS, PowerScale Archive A300, PowerScale Archive A3000, PowerScale B100, PowerScale F200, PowerScale F600, PowerScale F900 , PowerScale Hybrid H700, PowerScale Hybrid H7000, PowerScale P100 ...
Article Properties
Article Number: 000220650
Article Type: Dell Security Advisory
Last Modified: 23 May 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.