DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

요약: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

영향

세부 정보

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

법적 고지 사항

해당 제품

피드백 제공

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.

기타 리소스 확인

영향

Critical

세부 정보

Third-Party Component	CVEs	More information
Dell PowerEdge Server BIOS	CVE-2024-28047, CVE-2024-36293, CVE-2024-39279, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2024-28956, CVE-2024-31068, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044	DSA-2025-041, DSA-2025-042, DSA-2025-156, DSA-2025-297, DSA-2024-381, DSA-2025-038
Dell Remote Access Controller (iDRAC)	CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-26466, CVE-2024-480, CVE-2025-22397	DSA-2025-146, DSA-2025-156, DSA-2025-376

Dell Technologies는 모든 고객이 CVSS 기본 점수와 관련 임시 및 환경 점수를 모두 고려할 것을 권장합니다. 이 경우 특정 보안 취약성과 관련된 잠재적인 심각도에 영향을 미칠 수 있습니다.

영향을 받는 제품 및 문제 해결

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F210	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F710	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F910	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale F200	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale F600	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale F900	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale B100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-28047, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2024-28956, CVE-2024-48012, CVE-2024-45332, CVE-2024-38796, CVE-2025-26466, CVE-2025-22397	PowerScale P100	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F210	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F710	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area
CVE-2024-36293, CVE-2024-39279, CVE-2024-28047, CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-45332, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-50602, CVE-2024-2961, CVE-2024-52533, CVE-2023-6780, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-26466, CVE-2024-31068, CVE-2024-48012, CVE-2024-38796, CVE-2025-20109, CVE-2025-20044, CVE-2025-22397	PowerScale F910	PowerScale Node Firmware Package	Versions prior to 13.1.3	Version 13.1.3 or later	PowerScale OneFS Downloads Area

Notes:

We encourage all customers to upgrade to the remediated versions. If an upgrade is not feasible, customers should review the CVE details to determine potential risk to their environments.
To identify which nodes require upgrading, please refer to the firmware assessment report. For instructions on completing the assessment and report, please refer to the "Run a firmware assessment" section in PowerScale Node Firmware Package 13.1.3 Release Notes documented in Firmware - PowerScale Info Hub.
Due to the NFP installation issue with parallel upgrade, customers are advised not to perform parallel upgrades on version prior to 9.9.0.0.

해결 방법 및 완화 방안

None

개정 내역

Revision	Date	Description
1.0	2025-10-14	Initial Release
2.0	2026-02-25	Updated to include CVE-2025-22397

법적 고지 사항

해당 제품

PowerScale OneFS, PowerScale B100, PowerScale F200, PowerScale F210, PowerScale F600, PowerScale F710, PowerScale F900, PowerScale F910, PowerScale P100

문서 번호: 000363693

문서 유형: Dell Security Advisory

마지막 수정 시간: 25 2월 2026

디바이스에 지원 서비스가 적용되는지 확인하십시오.

DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

요약: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

영향

세부 정보

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

관련 정보

법적 고지 사항

해당 제품

영향

세부 정보

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

관련 정보

법적 고지 사항

해당 제품

문서 속성

다른 Dell 사용자에게 질문에 대한 답변 찾기

지원 서비스

문서 속성

다른 Dell 사용자에게 질문에 대한 답변 찾기

지원 서비스

DSA-2025-166: Security Update for Dell PowerScale OneFS Multiple Third-Party Component Vulnerabilities

요약: Dell PowerScale OneFS remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

상세한 문서

영향

세부 정보

영향을 받는 제품 및 문제 해결

해결 방법 및 완화 방안

개정 내역

관련 정보

법적 고지 사항

해당 제품

문서 속성

다른 Dell 사용자에게 질문에 대한 답변 찾기

지원 서비스

문서 속성

다른 Dell 사용자에게 질문에 대한 답변 찾기

지원 서비스