DSA-2025-027: Security Update for Dell VxRail for Multiple Vulnerabilities

Samenvatting: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Dit artikel is van toepassing op Dit artikel is niet van toepassing op Dit artikel is niet gebonden aan een specifiek product. Niet alle productversies worden in dit artikel vermeld.
Bekijk andere hulpbronnen

Impact

High

Gegevens

Third-party Component

CVEs

More Information

SuSE Updates

CVE-2024-9287,CVE-2023-50782,CVE-2024-28168,CVE-2024-9681,CVE-2024-21208,CVE-2024-21210,CVE-2024-21217,CVE-2024-21235,CVE-2024-43398,CVE-2024-41123,CVE-2024-41946,CVE-2024-35176,CVE-2024-39908,CVE-2024-10976,CVE-2024-10977,CVE-2024-10978,CVE-2024-10979,CVE-2024-52533,CVE-2024-43854,CVE-2024-49925,CVE-2024-49945,CVE-2024-50208,CVE-2022-48879,CVE-2022-48956,CVE-2022-48959,CVE-2022-48960,CVE-2022-48962,CVE-2022-48991,CVE-2022-49015,CVE-2024-45013,CVE-2024-45016,CVE-2024-45026,CVE-2024-46716,CVE-2024-46813,CVE-2024-46814,CVE-2024-46815,CVE-2024-46816,CVE-2024-46817,CVE-2024-46818,CVE-2024-46849,CVE-2024-47668,CVE-2024-47674,CVE-2024-47684,CVE-2024-47706,CVE-2024-47747,CVE-2024-47748,CVE-2024-49860,CVE-2024-49930,CVE-2024-49936,CVE-2024-49960,CVE-2024-49969,CVE-2024-49974,CVE-2024-49991,CVE-2024-49995,CVE-2024-50047,CVE-2024-52316

SUSE.comThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-21102

Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.

Proprietary Code CVEs

Description

CVSS Base Score

CVSS Vector String

CVE-2025-21102

Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

7.5

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:HThis hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

Product

Affected Versions

Remediated Versions

Link

Dell VxRail Appliance

Versions 7.0.000 through 7.0.532

Version 7.0.533 or later

Drivers & Downloads

Product

Affected Versions

Remediated Versions

Link

Dell VxRail Appliance

Versions 7.0.000 through 7.0.532

Version 7.0.533 or later

Drivers & Downloads

Revisiegeschiedenis

Revision

Date

Description

1.0

2025-01-08

Initial Release

2.0

2025-01-16

Updating the advisory to extend our gratitude to Klaas Demter for reporting this issue.

Bevestigingen

Dell Technologies would like to thank Klaas Demter for reporting this issue.

Verwante informatie

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridische verklaring van afstand

Getroffen producten

VxRail, VMware, VxRail Appliance Series
Artikeleigenschappen
Artikelnummer: 000269793
Artikeltype: Dell Security Advisory
Laatst aangepast: 08 sep. 2025
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.