DSA-2021-295: Dell EMC PowerStore Family Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832, and CVE-2022-23307)

Sammendrag: Dell EMC PowerStore Family remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...

Denne artikkelen gjelder for Denne artikkelen gjelder ikke for Denne artikkelen er ikke knyttet til noe bestemt produkt. Det er ikke produktversjonene som identifiseres i denne artikkelen.
Ta en titt på andre ressurser

Påvirkning

Critical

Detaljer

Third-party Component CVEs More information
Apache log4j CVE-2021-44228 Apache Log4j Remote Code Execution
CVE-2021-45046
CVE-2021-45105
CVE-2021-44832
CVE-2022-23307
Third-party Component CVEs More information
Apache log4j CVE-2021-44228 Apache Log4j Remote Code Execution
CVE-2021-45046
CVE-2021-45105
CVE-2021-44832
CVE-2022-23307
Dell Technologies anbefaler at alle kunder tar hensyn til både grunnpoengsummen og alle relevante, midlertidige og miljømessige resultater som kan påvirke den potensielle alvorlighetsgraden knyttet til bestemte sikkerhetsproblemer.

Berørte produkter og utbedring

CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2021-44228 Dell EMC PowerStore Family Operating System
 		 Versions before 2.0.1.3-1538564 PowerStore T OS Upgrade 2.0.1.3-1538564
PowerStore X OS Upgrade 2.0.1.3-1538564
PowerStore T OS Upgrade 2.1.0.0-1561821		 https://www.dell.com/support/home/?app=drivers
CVE-2021-45046
CVE-2021-45105 Dell EMC PowerStore Family Operating System
 		 Versions before 2.1.1.0-1649887 PowerStore T OS Upgrade 2.1.1.0-1649887
PowerStore X OS 2.1.1.0-1649887
 		 https://www.dell.com/support/home/?app=drivers

See KB article 196367: DSA-2022-014: Dell EMC PowerStore Family Security Update for Multiple Vulnerabilities
CVE-2021-44832
CVE-2022-23307
CVEs Addressed Product Affected Versions Updated Versions Link to Update
CVE-2021-44228 Dell EMC PowerStore Family Operating System
 		 Versions before 2.0.1.3-1538564 PowerStore T OS Upgrade 2.0.1.3-1538564
PowerStore X OS Upgrade 2.0.1.3-1538564
PowerStore T OS Upgrade 2.1.0.0-1561821		 https://www.dell.com/support/home/?app=drivers
CVE-2021-45046
CVE-2021-45105 Dell EMC PowerStore Family Operating System
 		 Versions before 2.1.1.0-1649887 PowerStore T OS Upgrade 2.1.1.0-1649887
PowerStore X OS 2.1.1.0-1649887
 		 https://www.dell.com/support/home/?app=drivers

See KB article 196367: DSA-2022-014: Dell EMC PowerStore Family Security Update for Multiple Vulnerabilities
CVE-2021-44832
CVE-2022-23307

Endringshistorikk

RevisionDateDescription
1.02021-12-30Initial Release
2.02022-01-26Updated Affected Products and Remediation section: Affected Versions, Updated Versions, and Link to Update
3.02022-04-20Updated Affected Products and Remediation sections: Updated Versions and Link to Update.

Relatert informasjon

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Juridisk ansvarsfraskrivelse

Berørte produkter

PowerStore, PowerStore 1000X, PowerStore 1000T, PowerStore 3000X, PowerStore 3000T, PowerStore 5000X, PowerStore 5000T, PowerStore 500T, PowerStore 7000X, PowerStore 7000T, PowerStore 9000X, PowerStore 9000T, Product Security Information
Artikkelegenskaper
Artikkelnummer: 000194739
Artikkeltype: Dell Security Advisory
Sist endret: 21 apr. 2022
Få svar på spørsmålene dine fra andre Dell-brukere
Støttetjenester
Sjekk om enheten din er dekket av støttetjenestene.