DSA-2025-215: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities
Podsumowanie: Dell VxRail remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.
Ten artykuł dotyczy
Ten artykuł nie dotyczy
Ten artykuł nie jest powiązany z żadnym konkretnym produktem.
Nie wszystkie wersje produktu zostały zidentyfikowane w tym artykule.
Skutki
Critical
Szczegóły
| Third-party Component | CVEs | More Information |
| VMware ESXi 7.0.3 and vCenter Server 7.0.3 | CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228, CVE-2025-41241 | VMSA-2025-0010 , VMSA-2025-0014 |
| vCenter Server 7.0.3 | CVE-2024-42154,CVE-2024-42224,CVE-2024-38428, CVE-2023-46589, CVE-2024-23672,CVE-2024-24549, CVE-2024-0743,CVE-2024-26458,CVE-2024-26461,CVE-2024-26898,CVE-2024-37370,CVE-2024-37371,CVE-2024-38588,CVE-2024-6345,CVE-2024-9681,CVE-2024-23807, CVE-2024-44987, CVE-2024-44998, CVE-2024-44999, CVE-2024-46673, CVE-2024-46674, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-27282, CVE-2024-2397, CVE-2023-5115 | VMware vCenter Server Photon OS Security Patches |
| Security Update for Dell AMD-based PowerEdge Server Vulnerability | CVE-2024-36347 | DSA-2025-112 |
| Security Update for Dell PowerEdge Server BIOS for Tianocore EDK2 Vulnerability | CVE-2024-38796 | DSA-2025-038 |
| Dell PowerEdge Server Security Update for Intel® Ethernet Controllers & Adapters and Intel® Processor Vulnerabilities | CVE-2024-25571, CVE-2024-21859, CVE-2024-31155, CVE-2024-37020, CVE-2024-24852, CVE-2024-36274 | DSA-2025-042 |
| Security Update for Dell AMD-based PowerEdge Server and GPU Vulnerabilities | CVE-2023-31342, CVE-2023-31343, CVE-2023-31345, CVE-2023-20581, CVE-2023-20582, CVE-2024-21924, CVE-2024-21925 | DSA-2025-085 |
| Security Update for Dell PowerEdge Server for Intel 2025 Security Advisories (2025.1 IPU) | CVE-2024-28956, CVE-2024-39279, CVE-2024-28047 | DSA-2025-041 |
| Security Update for Dell PowerEdge Server for Intel 2024 Security Advisories (2024.4 IPU) | CVE-2024-31068 | DSA-2024-381 |
| SQLite | CVE-2023-7104 | https://nvd.nist.gov/vuln/search |
| Python | CVE-2024-35195, CVE-2022-40899, CVE-2024-6345 | https://nvd.nist.gov/vuln/search |
| CPython | CVE-2024-7592, CVE-2024-6232, CVE-2024-3219, CVE-2024-6923 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2024-2511 | https://nvd.nist.gov/vuln/search |
| urllib3 | CVE-2024-37891 | https://nvd.nist.gov/vuln/search |
| Python-Requests | CVE-2023-32681 | https://nvd.nist.gov/vuln/search |
| XZ Utils | CVE-2024-47611, CVE-2020-22916 | https://nvd.nist.gov/vuln/search |
| Security Update for Dell iDRAC9 and iDRAC10 Vulnerabilities | CVE-2025-22397, CVE-2026-26945 | DSA-2025-376 , DSA-2026-113 |
| SUSE Updates | CVE-2025-31650, CVE-2025-31651, CVE-2023-40403, CVE-2024-55549, CVE-2025-24855, CVE-2022-49080, CVE-2024-35949, CVE-2024-50128, CVE-2024-53135, CVE-2024-57948, CVE-2025-21690, CVE-2025-21692, CVE-2025-21699, CVE-2025-27363, CVE-2025-27219, CVE-2025-27220, CVE-2024-47220, CVE-2025-1795, CVE-2025-22868, CVE-2025-22869, CVE-2024-8176, CVE-2025-2784, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053, CVE-2025-32907, CVE-2025-32914, CVE-2025-46420, CVE-2025-46421, CVE-2025-24813, CVE-2024-56337, CVE-2025-21587, CVE-2025-30691, CVE-2025-30698, CVE-2022-49053, CVE-2022-49465, CVE-2022-49739, CVE-2023-52935, CVE-2024-53064, CVE-2024-56651, CVE-2024-58083, CVE-2025-21693, CVE-2025-21714, CVE-2025-21732, CVE-2025-21753, CVE-2025-21772, CVE-2025-32051, CVE-2025-32906, CVE-2025-32909, CVE-2025-32910, CVE-2025-32912, CVE-2025-32913, CVE-2025-32433, CVE-2025-31344 | www.suse.com |
Produkty, których dotyczy problem, i środki zaradcze
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell VxRail Appliance | Versions 7.0.000 through 7.0.541 | Version 7.0.550 or later | https://www.dell.com/support/home/product-support/product/vxrail-appliance-series/drivers |
Obejścia problemu i środki zaradcze
| CVE ID | Workaround and Mitigation |
| CVE-2023-48795 | https://www.dell.com/support/kbdoc/000318019/vxrail-how-to-mitigate-openssh-vulnerability-cve-2023-48795-on-vcenter-server-appliance |
| CVE-2025-2884 | https://www.dell.com/support/kbdoc/000346621 |
| CVE-2025-41236, CVE-2025-41237, CVE-2025-41238,CVE-2025-41239 | https://www.dell.com/support/kbdoc/000343605 |
Historia zmian
| Revision | Date | Description |
| 1.0 | 2025-05-28 | Initial Release |
| 2.0 | 2025-07-28 | Added mitigation for CVE-2025-2884 |
| 3.0 | 2025-08-12 | Added mitigation for CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 and added CVE-2025-41241 to the advisory. |
| 4.0 | 2025-09-18 | Updated the Mitigation link for CVE-2025-2884 |
| 5.0 | 2025-11-14 | Added CVE-2025-22397 to the remediated table |
| 6.0 | 2026-03-31 | Added CVE-2026-26945 to the remediated table |
Powiązane informacje
Zastrzeżenie prawne
Produkty, których dotyczy problem
VxRail, VxRail Appliance Series, VxRail E660, VxRail E660NWłaściwości artykułu
Numer artykułu: 000325586
Typ artykułu: Dell Security Advisory
Ostatnia modyfikacja: 31 mar 2026
Znajdź odpowiedzi na swoje pytania u innych użytkowników produktów Dell
Usługi pomocy technicznej
Sprawdź, czy Twoje urządzenie jest objęte usługą pomocy technicznej.