DSA-2024-474: Security Update for Dell PowerFlex Rack Multiple Third-Party Component Vulnerabilities
Sammanfattning: Dell PowerFlex Rack remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system
Den här artikeln gäller för
Den här artikeln gäller inte för
Den här artikeln är inte kopplad till någon specifik produkt.
Alla produktversioner identifieras inte i den här artikeln.
Påverkan
Critical
Information
| Third-party Component | CVEs | More Information |
| Dell PowerEdge Server BIOS | CVE-2023-45745, CVE-2023-47855, CVE-2023-31355, CVE-2024-21978, CVE-2024-21980, CVE-2023-31315, CVE-2023-49141, CVE-2021-26344, CVE-2021-26387, CVE-2021-46772, CVE-2021-46746, CVE-2023-20518, CVE-2023-20578, CVE-2023-20584, CVE-2023-20591, CVE-2023-31356, CVE-2024-21981, CVE-2024-21801, CVE-2024-22374 | DSA-2024-160, DSA-2024-306, DSA-2024-344, DSA-2024-160, DSA-2024-350, DSA-2024-359 |
| iDRAC | CVE-2024-25943, CVE-2023-48795, CVE-2024-38433, CVE-2024-6387, CVE-2023-29499 | DSA-2024-099, DSA-2024-021, DSA-2024-223, DSA-2024-342, DSA-2024-286 |
| OpenSSH | CVE-2020-15778 | https://nvd.nist.gov/vuln/search |
| CUPS | CVE-2024-47176, CVE-2024-47076 | https://nvd.nist.gov/vuln/search |
| Cisco Switches | CVE-2024-20399 | Cisco NX-OS Software CLI Command Injection Vulnerability |
| VMWare | CVE-2024-22273, CVE-2024-22274, CVE-2024-22275, CVE-2024-37086, CVE-2024-37087, CVE-2024-37085, CVE-2024-38812, CVE-2024-38813 | VMSA-2024-0011, VMSA-2024-0013, VMSA-2024-0013 , VMSA-2024-0019 |
| Python-Cryptography | CVE-2023-50782 | https://nvd.nist.gov/vuln/search |
| libexpat | CVE-2023-52425 | https://nvd.nist.gov/vuln/search |
| OpenSSL | CVE-2016-2183 | https://nvd.nist.gov/vuln/search |
| SQLparse | CVE-2023-30608 | https://nvd.nist.gov/vuln/search |
| OpenJDK | CVE-2024-21094 | https://nvd.nist.gov/vuln/search |
| JQuery | CVE-2020-11023 | https://nvd.nist.gov/vuln/search |
Berörda produkter och åtgärder
|
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
PowerFlex rack |
RCM |
Versions prior to 3.6.7.0
|
Version 3.6.7.0 or later
|
|
|
PowerFlex rack |
RCM |
Versions prior to 3.8.1.0 |
Version 3.8.1.0 or later |
|
Product |
Software/Firmware |
Affected Versions |
Remediated Versions |
Link |
|
PowerFlex rack |
RCM |
Versions prior to 3.6.7.0
|
Version 3.6.7.0 or later
|
|
|
PowerFlex rack |
RCM |
Versions prior to 3.8.1.0 |
Version 3.8.1.0 or later |
- In the case of manual upgrade for PowerFlex rack, please see this link:
https://www.dell.com/support/home/en-us/product-support/product/powerflex-rack-rcm-sw/drivers
Lösningar och åtgärder
None
Revideringshistorik
|
Revision |
Date |
Description |
|
1.0 |
2024-12-12 |
Initial Release |
|
2.0 |
2025-02-19 |
Major update; remediation content: |
|
3.0 |
2025-03-24 |
Major update, remediation content: |
Relaterad information
Juridisk friskrivning
Berörda produkter
PowerFlex rackArtikelegenskaper
Artikelnummer: 000259564
Artikeltyp: Dell Security Advisory
Senast ändrad: 24 mars 2025
Få svar på dina frågor från andra Dell-användare
Supporttjänster
Kontrollera om din enhet omfattas av supporttjänster.