DSA-2021-260: Dell PowerPath Management Appliance Security Update for a Hard Coded Encryption Key Vulnerability

摘要: Dell PowerPath Management Appliance remediation is available for a hard coded encryption key vulnerability that may be exploited by malicious users to compromise the affected system.

本文适用于 本文不适用于 本文并非针对某种特定的产品。 本文并非包含所有产品版本。

影响

High

详情

Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2021-43587 Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges. 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Proprietary Code CVE Description CVSS Base Score CVSS Vector String
CVE-2021-43587 Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded cryptographic key. A local high-privileged malicious user may potentially exploit this vulnerability to gain access to secrets and elevate to gain higher privileges. 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数,这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

Product Affected Versions Updated Versions Link to Update
Dell PowerPath Management Appliance 2.6 3.2 P01 https://www.dell.com/support/home/en-in/product-support/product/powerpath-management-appliance/drivers
3.0
3.0 P01
3.1
3.2
Product Affected Versions Updated Versions Link to Update
Dell PowerPath Management Appliance 2.6 3.2 P01 https://www.dell.com/support/home/en-in/product-support/product/powerpath-management-appliance/drivers
3.0
3.0 P01
3.1
3.2

修订历史记录

RevisionDateDescription
1.02021-12-09Initial Release

相关信息

受影响的产品

Product Security Information
文章属性
文章编号: 000194083
文章类型: Dell Security Advisory
上次修改时间: 18 9月 2025
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。