DSA-2021-186: PowerPath Windows Security Update for OpenSSL_Configuration Utility Vulnerabilities

摘要: OpenSSL_Configuration Utility for PowerPath Windows contains remediation for SM2 Decryption Buffer Overflow and Read buffer overruns processing ASN.1 strings vulnerabilities that could be exploited by malicious users to compromise the affected systems. OpenSSL is being used for communication between PowerPath Windows host and Management server. OpenSSL is not bundled in PowerPath Windows package. However, separate compiled OpenSSL libraries are provided to customers through Dell EMC download site along with an installation script so that customers can install them separately. As vulnerability has been disclosed in the OpenSSL versions, as a remediation PowerPath engineering will update the download site with the latest OpenSSL libraries. ...

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

法律免责声明

受影响的产品

提供反馈

本文适用于本文不适用于本文并非针对某种特定的产品。本文并非包含所有产品版本。

查看其他资源

影响

High

详情

Third-Party Component	CVE(s)	More information
Third-Party Component	CVE-2021-3711	https://nvd.nist.gov/vuln/detail/CVE-2021-3711
Third-Party Component	CVE-2021-3712	https://nvd.nist.gov/vuln/detail/CVE-2021-3712

Third-Party Component	CVE(s)	More information
Third-Party Component	CVE-2021-3711	https://nvd.nist.gov/vuln/detail/CVE-2021-3711
Third-Party Component	CVE-2021-3712	https://nvd.nist.gov/vuln/detail/CVE-2021-3712

Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数，这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

CVE(s) Addressed	Product	Affected Version(s)	Updated Version(s)	Link to Update
CVE-2021-3711	PowerPath Windows	OpenSSL_Configuration Utility	OpenSSL_Configuration Utility 2.0	https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers
CVE-2021-3712	PowerPath Windows	OpenSSL_Configuration Utility	OpenSSL_Configuration Utility 2.0	https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers

Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

CVE(s) Addressed	Product	Affected Version(s)	Updated Version(s)	Link to Update
CVE-2021-3711	PowerPath Windows	OpenSSL_Configuration Utility	OpenSSL_Configuration Utility 2.0	https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers
CVE-2021-3712	PowerPath Windows	OpenSSL_Configuration Utility	OpenSSL_Configuration Utility 2.0	https://www.dell.com/support/home/en-in/product-support/product/powerpath-for-windows/drivers

Note: The table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

解决方法和缓解措施

None

修订历史记录

Revision	Date	Description
1.0	2021-09-16	Initial Release

法律免责声明

受影响的产品

Product Security Information

文章编号: 000191543

文章类型: Dell Security Advisory

上次修改时间: 21 11月 2025

DSA-2021-186: PowerPath Windows Security Update for OpenSSL_Configuration Utility Vulnerabilities

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

DSA-2021-186: PowerPath Windows Security Update for OpenSSL_Configuration Utility Vulnerabilities

详细文章

影响

详情

受影响的产品和补救措施

解决方法和缓解措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务