DSA-2021-098: Dell VxRail Appliance Security Update for Multiple Vulnerabilities
摘要: Dell VxRail Appliance remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
影響
Critical
詳細資料
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21508 | Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Third-Party Component | CVEs | More information |
| VMware ESXi | CVE-2021-21994 | Severity: High, see VMSA-2021-0014.1 |
| CVE-2021-21995 | ||
|
VxRail Manager: SUSE Grub2 and others |
CVE-2020-14372 | SUSE grub2 UEFI secure boot bypass issues SUSE updates |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
|
VxRail Manager: OpenSSL |
CVE-2020-1971 | OpenSSL |
| CVE-2020-13935 | ||
| CVE-2020-17527 | ||
| CVE-2021-24122 | ||
| CVE-2020-25681 | ||
| CVE-2020-25682 | ||
| CVE-2020-25683 | ||
| CVE-2020-25684 | ||
| CVE-2020-25685 | ||
| CVE-2020-25686 | ||
| CVE-2020-25687 | ||
VxRail Node: Dell iDRAC8 Updates
|
CVE-2021-21510 | DSA-2021-041: Dell iDRAC 8 Security Update for a host header injection. |
VxRail Node: Dell iDRAC9 Updates
|
CVE-2021-21539 | DSA-2021-073: Dell iDRAC 9 Security Update for Multiple Vulnerabilities. |
| CVE-2021-21540 | ||
| CVE-2021-21541 | ||
| CVE-2021-21542 | ||
| CVE-2021-21543 | ||
| CVE-2021-21544 | ||
VxRail Node: Dell iDRAC9 Updates
|
CVE-2021-21538 | DSA-2021-082: Dell iDRAC 9 Security Update for Improper Authentication Vulnerability. |
| VMware: Photon OS | CVE-2017-2616 | Photon OS 3.0 Security Advisories. |
| CVE-2018-1000654 | ||
| CVE-2018-18751 | ||
| CVE-2019-1010305 | ||
| CVE-2019-13139 | ||
| CVE-2019-13509 | ||
| CVE-2019-19906 | ||
| CVE-2019-19921 | ||
| CVE-2019-20795 | ||
| CVE-2019-20807 | ||
| CVE-2019-20838 | ||
| CVE-2020-14155 | ||
| CVE-2019-5188 | ||
| CVE-2019-7309 | ||
| CVE-2020-10543 | ||
| CVE-2020-10878 | ||
| CVE-2020-12723 | ||
| CVE-2020-11984 | ||
| CVE-2020-11993 | ||
| CVE-2020-12062 | ||
| CVE-2020-12243 | ||
| CVE-2020-13776 | ||
| CVE-2020-13943 | ||
| CVE-2020-14342 | ||
| CVE-2020-15025 | ||
| CVE-2020-15257 | ||
| CVE-2020-15358 | ||
| CVE-2020-1971 | ||
| CVE-2020-21674 | ||
| CVE-2020-24659 | ||
| CVE-2020-24977 | ||
| CVE-2020-25613 | ||
| CVE-2020-25694 | ||
| CVE-2020-25695 | ||
| CVE-2020-27619 | ||
| CVE-2020-27673 | ||
| CVE-2020-27675 | ||
| CVE-2020-8037 | ||
| CVE-2020-8284 | ||
| CVE-2020-8285 | ||
| CVE-2020-8286 | ||
| CVE-2020-8623 | ||
| CVE-2020-8624 | ||
| CVE-2020-9490 | ||
| CVE-2020-11984 | ||
| CVE-2020-11993 | ||
| Proprietary Code CVEs | Description | CVSS Base Score | CVSS Vector String |
| CVE-2021-21508 | Dell VxRail versions before 7.0.200 contain a Plain-text Password Storage Vulnerability in VxRail Manager. A sys-admin user may exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | 6.7 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Third-Party Component | CVEs | More information |
| VMware ESXi | CVE-2021-21994 | Severity: High, see VMSA-2021-0014.1 |
| CVE-2021-21995 | ||
|
VxRail Manager: SUSE Grub2 and others |
CVE-2020-14372 | SUSE grub2 UEFI secure boot bypass issues SUSE updates |
| CVE-2020-25632 | ||
| CVE-2020-25647 | ||
| CVE-2020-27749 | ||
| CVE-2020-27779 | ||
| CVE-2021-20225 | ||
| CVE-2021-20233 | ||
|
VxRail Manager: OpenSSL |
CVE-2020-1971 | OpenSSL |
| CVE-2020-13935 | ||
| CVE-2020-17527 | ||
| CVE-2021-24122 | ||
| CVE-2020-25681 | ||
| CVE-2020-25682 | ||
| CVE-2020-25683 | ||
| CVE-2020-25684 | ||
| CVE-2020-25685 | ||
| CVE-2020-25686 | ||
| CVE-2020-25687 | ||
VxRail Node: Dell iDRAC8 Updates
|
CVE-2021-21510 | DSA-2021-041: Dell iDRAC 8 Security Update for a host header injection. |
VxRail Node: Dell iDRAC9 Updates
|
CVE-2021-21539 | DSA-2021-073: Dell iDRAC 9 Security Update for Multiple Vulnerabilities. |
| CVE-2021-21540 | ||
| CVE-2021-21541 | ||
| CVE-2021-21542 | ||
| CVE-2021-21543 | ||
| CVE-2021-21544 | ||
VxRail Node: Dell iDRAC9 Updates
|
CVE-2021-21538 | DSA-2021-082: Dell iDRAC 9 Security Update for Improper Authentication Vulnerability. |
| VMware: Photon OS | CVE-2017-2616 | Photon OS 3.0 Security Advisories. |
| CVE-2018-1000654 | ||
| CVE-2018-18751 | ||
| CVE-2019-1010305 | ||
| CVE-2019-13139 | ||
| CVE-2019-13509 | ||
| CVE-2019-19906 | ||
| CVE-2019-19921 | ||
| CVE-2019-20795 | ||
| CVE-2019-20807 | ||
| CVE-2019-20838 | ||
| CVE-2020-14155 | ||
| CVE-2019-5188 | ||
| CVE-2019-7309 | ||
| CVE-2020-10543 | ||
| CVE-2020-10878 | ||
| CVE-2020-12723 | ||
| CVE-2020-11984 | ||
| CVE-2020-11993 | ||
| CVE-2020-12062 | ||
| CVE-2020-12243 | ||
| CVE-2020-13776 | ||
| CVE-2020-13943 | ||
| CVE-2020-14342 | ||
| CVE-2020-15025 | ||
| CVE-2020-15257 | ||
| CVE-2020-15358 | ||
| CVE-2020-1971 | ||
| CVE-2020-21674 | ||
| CVE-2020-24659 | ||
| CVE-2020-24977 | ||
| CVE-2020-25613 | ||
| CVE-2020-25694 | ||
| CVE-2020-25695 | ||
| CVE-2020-27619 | ||
| CVE-2020-27673 | ||
| CVE-2020-27675 | ||
| CVE-2020-8037 | ||
| CVE-2020-8284 | ||
| CVE-2020-8285 | ||
| CVE-2020-8286 | ||
| CVE-2020-8623 | ||
| CVE-2020-8624 | ||
| CVE-2020-9490 | ||
| CVE-2020-11984 | ||
| CVE-2020-11993 | ||
受影響的產品與補救措施
|
|
修訂歷史記錄
|
相關資訊
法律免責聲明
受影響的產品
VxRail, Product Security Information文章屬性
文章編號: 000186422
文章類型: Dell Security Advisory
上次修改時間: 19 9月 2025
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。