DSA-2025-215: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities
概要: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
この記事は次に適用されます:
この記事は次には適用されません:
この記事は、特定の製品に関連付けられていません。
すべての製品パージョンがこの記事に記載されているわけではありません。
影響
Critical
詳細
| Third-party Component | CVEs | More Information |
| VMware ESXi 7.0.3 and vCenter Server 7.0.3 | CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228, CVE-2025-41241 | VMSA-2025-0010 , VMSA-2025-0014 |
| vCenter Server 7.0.3 | CVE-2024-42154,CVE-2024-42224,CVE-2024-38428, CVE-2023-46589, CVE-2024-23672,CVE-2024-24549, CVE-2024-0743,CVE-2024-26458,CVE-2024-26461,CVE-2024-26898,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-6345,CVE-2024-9681,CVE-2024-23807, CVE-2024-44987, CVE-2024-44998, CVE-2024-44999, CVE-2024-46673, CVE-2024-46674, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-27282, CVE-2024-2397, CVE-2023-5115 | VMware vCenter Server Photon OS Security Patches |
| Security Update for Dell AMD-based PowerEdge Server Vulnerability | CVE-2024-36347 | DSA-2025-112 |
| Security Update for Dell PowerEdge Server BIOS for Tianocore EDK2 Vulnerability | CVE-2024-38796 | DSA-2025-038 |
| Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities | CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-24852, CVE-2024-36274 | DSA-2025-042 |
| Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities | CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 | DSA-2025-085 |
| Security Update for Dell PowerEdge Server for Intel 2025 Security Advisories (2025.1 IPU) | CVE-2024-28956, CVE-2024-39279, CVE-2024-28047 | DSA-2025-041 |
| Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.4 IPU) | CVE-2024-31068 | DSA-2024-381 |
| SQLite | CVE-2023-7104 | https://nvd.nist.gov/vuln/search |
| Python | CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 | https://nvd.nist.gov/vuln/search |
| CPython | CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2024-2511 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2024-37891 | https://nvd.nist.gov/vuln/search |
| Python-Requests | CVE-2023-32681 | https://nvd.nist.gov/vuln/search |
| XZ Utils | CVE-2024-47611, CVE-2020-22916 | https://nvd.nist.gov/vuln/search |
| Security Update for Dell iDRAC9 and iDRAC10 Vulnerabilities | CVE-2025-22397, CVE-2026-26945 | DSA-2025-376 , DSA-2026-113 |
| SUSE Updates | CVE-2025-31650, CVE-2025-31651, CVE-2023-40403, CVE-2024-55549, CVE-2025-24855, CVE-2022-49080, CVE-2024-35949, CVE-2024-50128, CVE-2024-53135, CVE-2024-57948, CVE-2025-21690, CVE-2025-21692, CVE-2025-21699, CVE-2025-27363, CVE-2025-27219, CVE-2025-27220, CVE-2024-47220, CVE-2025-1795, CVE-2025-22868, CVE-2025-22869, CVE-2024-8176, CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053, CVE-2025-32907, CVE-2025-32914, CVE-2025-46420, CVE-2025-46421, CVE-2025-24813, CVE-2024-56337, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698, CVE-2022-49053, CVE-2022-49465, CVE-2022-49739, CVE-2023-52935, CVE-2024-53064, CVE-2024-56651, CVE-2024-58083, CVE-2025-21693, CVE-2025-21714, CVE-2025-21732, CVE-2025-21753, CVE-2025-21772, CVE-2025-32051, CVE-2025-32906, CVE-2025-32909, CVE-2025-32910, CVE-2025-32912, CVE-2025-32913, CVE-2025-32433, CVE-2025-31344 | www.suse.com |
影響を受ける製品と修復
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
回避策と緩和策
| CVE ID | Workaround and Mitigation |
| CVE-2023-48795 | https://www.dell.com/support/kbdoc/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance |
| CVE-2025-2884 | https://www.dell.com/support/kbdoc/000346621 |
| CVE-2025-41236, CVE-2025-41237, CVE-2025-41238,CVE-2025-41239 | https://www.dell.com/support/kbdoc/000343605 |
変更履歴
| Revision | Date | Description |
| 1.0 | 2025-05-28 | Initial Release |
| 2.0 | 2025-07-28 | Added mitigation for CVE-2025-2884 |
| 3.0 | 2025-08-12 | Added mitigation for CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 and added CVE-2025-41241 to the advisory. |
| 4.0 | 2025-09-18 | Updated the Mitigation link for CVE-2025-2884 |
| 5.0 | 2025-11-14 | Added CVE-2025-22397 to the remediated table |
| 6.0 | 2026-03-31 | Added CVE-2026-26945 to the remediated table |
関連情報
法的免責事項
対象製品
VxRail, VxRail Appliance Series, VxRail E660, VxRail E660N文書のプロパティ
文書番号: 000325586
文書の種類: Dell Security Advisory
最終更新: 31 3月 2026
質問に対する他のDellユーザーからの回答を見つける
サポート サービス
お使いのデバイスがサポート サービスの対象かどうかを確認してください。